|
Revision tags: curl-7_54_1, curl-7_54_0, curl-7_53_1, curl-7_53_0 |
|
| #
807698db |
| 12-Jan-2017 |
Daniel Stenberg |
rand: make it work without TLS backing
Regression introduced in commit f682156a4fc6c4
Reported-by: John Kohl
Bug: https://curl.haxx.se/mail/lib-2017-01/0055.html
|
|
Revision tags: curl-7_52_1, curl-7_52_0 |
|
| #
a4b2f7aa |
| 25-Nov-2016 |
Okhin Vasilij |
curl_version_info: add CURL_VERSION_HTTPS_PROXY
Closes #1142
|
|
Revision tags: curl-7_51_0, curl-7_50_3, curl-7_50_2, curl-7_50_1, curl-7_50_0 |
|
| #
434f8d03 |
| 21-Jun-2016 |
Daniel Stenberg |
internals: rename the SessionHandle struct to Curl_easy
|
|
Revision tags: curl-7_49_1, curl-7_49_0 |
|
| #
283babfa |
| 01-May-2016 |
Daniel Stenberg |
tls: make setting pinnedkey option fail if not supported
to make it obvious to users trying to use the feature with TLS backends
not supporting it.
Discussed in #781
Reporte
tls: make setting pinnedkey option fail if not supported
to make it obvious to users trying to use the feature with TLS backends
not supporting it.
Discussed in #781
Reported-by: Travis Burtrum
show more ...
|
|
Revision tags: curl-7_48_0, curl-7_47_1 |
|
| #
4af40b36 |
| 02-Feb-2016 |
Daniel Stenberg |
URLs: change all http:// URLs to https://
|
|
Revision tags: curl-7_47_0, curl-7_46_0, curl-7_45_0 |
|
| #
82e3e8e3 |
| 17-Sep-2015 |
Daniel Stenberg |
openssl: build with < 0.9.8
... without sha256 support and no define saying so.
Reported-by: Rajkumar Mandal
|
|
Revision tags: curl-7_44_0 |
|
| #
79416fb2 |
| 02-Jul-2015 |
John Malmberg |
openssl: VMS support for SHA256
setup-vms.h: More symbols for SHA256, hacks for older VAX
openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX.
openssl.c
openssl: VMS support for SHA256
setup-vms.h: More symbols for SHA256, hacks for older VAX
openssl.h: Use OpenSSL OPENSSL_NO_SHA256 macro to allow building on VAX.
openssl.c: Use OpenSSL version checks and OPENSSL_NO_SHA256 macro to
allow building on VAX and 64 bit VMS.
show more ...
|
| #
55b78c5a |
| 01-Jul-2015 |
moparisthebest |
SSL: Pinned public key hash support
|
|
Revision tags: curl-7_43_0, curl-7_42_1, curl-7_42_0 |
|
| #
186e46d8 |
| 12-Mar-2015 |
Daniel Stenberg |
openssl: use colons properly in the ciphers list
While the previous string worked, this is the documented format.
Reported-by: Richard Moore
|
| #
0d1060f2 |
| 12-Mar-2015 |
Daniel Stenberg |
openssl: sort the ciphers on strength
This makes curl pick better (stronger) ciphers by default. The strongest
available ciphers are fine according to the HTTP/2 spec so an OpenSSL
b
openssl: sort the ciphers on strength
This makes curl pick better (stronger) ciphers by default. The strongest
available ciphers are fine according to the HTTP/2 spec so an OpenSSL
built curl is no longer rejected by string HTTP/2 servers.
Bug: http://curl.haxx.se/bug/view.cgi?id=1487
show more ...
|
| #
709cf76f |
| 05-Mar-2015 |
Daniel Stenberg |
openssl: remove all uses of USE_SSLEAY
SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
libr
openssl: remove all uses of USE_SSLEAY
SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
library since years. This is now reflected by only using USE_OPENSSL in
code that depends on OpenSSL.
show more ...
|
|
Revision tags: curl-7_41_0, curl-7_40_0, curl-7_39_0, curl-7_38_0, curl-7_37_1 |
|
| #
d1cf5d57 |
| 16-Jun-2014 |
Alessandro Ghedini |
openssl: add support for the Certificate Status Request TLS extension
Also known as "status_request" or OCSP stapling, defined in RFC6066
section 8.
Thanks-to: Joe Mason
- f
openssl: add support for the Certificate Status Request TLS extension
Also known as "status_request" or OCSP stapling, defined in RFC6066
section 8.
Thanks-to: Joe Mason
- for the work-around for the OpenSSL bug.
show more ...
|
| #
8bb3443a |
| 17-Jan-2015 |
Steve Holme |
vtls: Separate the SSL backend definition from the API setup
Slight code cleanup as the SSL backend #define is mixed up with the API
function setup.
|
| #
037cd0d9 |
| 28-Dec-2014 |
Steve Holme |
vtls: Fixed compilation warning and an ignored return code
curl_schannel.h:123: warning: right-hand operand of comma expression
has no effect
Some instances
vtls: Fixed compilation warning and an ignored return code
curl_schannel.h:123: warning: right-hand operand of comma expression
has no effect
Some instances of the curlssl_close_all() function were declared with a
void return type whilst others as int. The schannel version returned
CURLE_NOT_BUILT_IN and others simply returned zero, but in all cases the
return code was ignored by the calling function Curl_ssl_close_all().
For the time being and to keep the internal API consistent, changed all
declarations to use a void return type.
To reduce code we might want to consider removing the unimplemented
versions and use a void #define like schannel does.
show more ...
|
| #
8fdf832e |
| 13-Oct-2014 |
Patrick Monnerat |
vtls/*: deprecate have_curlssl_md5sum and set-up default md5sum implementation
|
| #
d57d041d |
| 13-Sep-2014 |
Daniel Stenberg |
curlssl: make tls backend symbols use curlssl in the name
|
| #
4c2e40a4 |
| 13-Sep-2014 |
Daniel Stenberg |
url: let the backend decide CURLOPT_SSL_CTX_ support
... to further remove specific TLS backend knowledge from url.c
|
| #
7494f0f4 |
| 13-Sep-2014 |
Daniel Stenberg |
vtls: have the backend tell if it supports CERTINFO
|
| #
8250f93d |
| 13-Sep-2014 |
Daniel Stenberg |
CURLOPT_CAPATH: return failure if set without backend support
|
| #
a439e438 |
| 31-Jul-2014 |
Daniel Stenberg |
ssl: generalize how the ssl backend identifier is set
Each backend now defines CURL_SSL_BACKEND accordingly. Added the *AXTLS
one which was missing previously.
|
| #
8dfd2208 |
| 03-Jun-2014 |
Daniel Stenberg |
vtls: make the random function mandatory in the TLS backend
To force each backend implementation to really attempt to provide proper
random. If a proper random function is missing, then
vtls: make the random function mandatory in the TLS backend
To force each backend implementation to really attempt to provide proper
random. If a proper random function is missing, then we can explicitly
make use of the default one we use when TLS support is missing.
This commit makes sure it works for darwinssl, gnutls, nss and openssl.
show more ...
|
|
Revision tags: curl-7_37_0, curl-7_36_0, curl-7_35_0 |
|
| #
3b5c75ef |
| 10-Jan-2014 |
Daniel Stenberg |
OpenSSL: deselect weak ciphers by default
By default even recent versions of OpenSSL support and accept both
"export strength" ciphers, small-bitsize ciphers as well as downright
dep
OpenSSL: deselect weak ciphers by default
By default even recent versions of OpenSSL support and accept both
"export strength" ciphers, small-bitsize ciphers as well as downright
deprecated ones.
This change sets a default cipher set that avoids the worst ciphers, and
subsequently makes https://www.howsmyssl.com/a/check no longer grade
curl/OpenSSL connects as 'Bad'.
Bug: http://curl.haxx.se/bug/view.cgi?id=1323
Reported-by: Jeff Hodges
show more ...
|
| #
f88f9bed |
| 25-Dec-2013 |
Steve Holme |
vtls: Updated comments referencing sslgen.c and ssluse.c
|
| #
92b9ae5c |
| 17-Dec-2013 |
Daniel Stenberg |
openssl: renamed backend files to openssl.[ch]
|
