| #
fb823d24 |
| 18-Apr-2016 |
Daniel Stenberg |
configure: remove check for libresolve
'strncasecmp' was once provided by libresolv (no trailing e) for SunOS,
but this check is broken and most likely adds nothing useful. Removing
configure: remove check for libresolve
'strncasecmp' was once provided by libresolv (no trailing e) for SunOS,
but this check is broken and most likely adds nothing useful. Removing
now.
Reported-by: Irfan Adilovic
Discussed in #770
show more ...
|
| #
79216287 |
| 29-Mar-2016 |
Jay Satiro |
wolfssl: Use ECC supported curves extension
https://github.com/wolfSSL/wolfssl/issues/366
|
| #
a43b22e0 |
| 28-Mar-2016 |
Jay Satiro |
wolfssl: Add ALPN support
|
|
Revision tags: curl-7_48_0 |
|
| #
3ae77f07 |
| 25-Feb-2016 |
Jay Satiro |
configure: warn on invalid ca bundle or path
- Warn if --with-ca-bundle file does not exist.
- Warn if --with-ca-path directory does not contain certificates.
- Improve hel
configure: warn on invalid ca bundle or path
- Warn if --with-ca-bundle file does not exist.
- Warn if --with-ca-path directory does not contain certificates.
- Improve help messages for both.
Example configure output:
ca cert bundle: /some/file (warning: certs not found)
ca cert path: /some/dir (warning: certs not found)
Bug: https://github.com/curl/curl/issues/404
Reported-by: Jeffrey Walton
show more ...
|
| #
6b64d735 |
| 09-Feb-2016 |
Daniel Stenberg |
configure: state "BoringSSL" in summary when that was detected
|
| #
39c803cb |
| 09-Feb-2016 |
David Benjamin |
openssl: remove most BoringSSL #ifdefs.
As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of
BoringSSL #ifdefs in cURL should be unnecessary:
- BoringSSL pro
openssl: remove most BoringSSL #ifdefs.
As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of
BoringSSL #ifdefs in cURL should be unnecessary:
- BoringSSL provides no-op stubs for compatibility which replaces most
#ifdefs.
- DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove
the compatibility codepath.
- With a small tweak to an extend_key_56_to_64 call, the NTLM code
builds fine.
- Switch OCSP-related #ifdefs to the more generally useful
OPENSSL_NO_OCSP.
The only #ifdefs which remain are Curl_ossl_version and the #undefs to
work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves
that to the consumer. The in-header workaround makes things sensitive to
include order.)
This change errs on the side of removing conditionals despite many of
the restored codepaths being no-ops. (BoringSSL generally adds no-op
compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are
bad enough!)
Closes #640
show more ...
|
|
Revision tags: curl-7_47_1, curl-7_47_0, curl-7_46_0, curl-7_45_0, curl-7_44_0, curl-7_43_0, curl-7_42_1, curl-7_42_0 |
|
| #
7b55279d |
| 24-Mar-2015 |
Ludwig Nussel |
configure: --with-ca-fallback: use built-in TLS CA fallback
When trying to verify a peer without having any root CA certificates
set, this makes libcurl use the TLS library's built in de
configure: --with-ca-fallback: use built-in TLS CA fallback
When trying to verify a peer without having any root CA certificates
set, this makes libcurl use the TLS library's built in default as
fallback.
Closes #569
show more ...
|
| #
4af40b36 |
| 02-Feb-2016 |
Daniel Stenberg |
URLs: change all http:// URLs to https://
|
| #
d33dd0b1 |
| 02-Feb-2016 |
Daniel Stenberg |
configure: update the copyright year range in output
|
| #
4bed87f8 |
| 12-Jan-2016 |
Daniel Stenberg |
configure: assume IPv6 works when cross-compiled
The configure test uses AC_TRY_RUN to figure out if an ipv6 socket
works, and testing like that doesn't work for cross-compiles. These da
configure: assume IPv6 works when cross-compiled
The configure test uses AC_TRY_RUN to figure out if an ipv6 socket
works, and testing like that doesn't work for cross-compiles. These days
IPv6 support is widespread so a blind guess is probably more likely to
be 'yes' than 'no' now.
Further: anyone who cross-compiles can use configure's --disable-ipv6 to
explicitly disable IPv6 and that also works for cross-compiles.
Made happen after discussions in issue #594
show more ...
|
| #
c208c783 |
| 17-Sep-2015 |
Johannes Schindelin |
configure: detect IPv6 support on Windows
This patch was "nicked" from the MINGW-packages project by Daniel.
https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb
configure: detect IPv6 support on Windows
This patch was "nicked" from the MINGW-packages project by Daniel.
https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb5316e7fdb48fa4007
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
show more ...
|
| #
151da514 |
| 16-Dec-2015 |
Daniel Stenberg |
cyassl: deal with lack of *get_peer_certificate
The function is only present in wolfssl/cyassl if it was built with
--enable-opensslextra. With these checks added, pinning support is dis
cyassl: deal with lack of *get_peer_certificate
The function is only present in wolfssl/cyassl if it was built with
--enable-opensslextra. With these checks added, pinning support is disabled
unless the TLS lib has that function available.
Also fix the mistake in configure that checks for the wrong lib name.
Closes #566
show more ...
|
| #
1ff3a07b |
| 16-Dec-2015 |
Daniel Stenberg |
wolfssl: handle builds without SSLv3 support
|
| #
be0d4141 |
| 20-Nov-2015 |
Daniel Shahaf |
build: Install zsh completion
Fixes #534
Closes #537
|
| #
72d99f2e |
| 23-Oct-2015 |
Jay Satiro |
build: Fix mingw ssl gdi32 order
- If mingw ssl make sure -lgdi32 comes after ssl libs
- Allow PKG_CONFIG to set pkg-config location and options
Bug: https://github.com/bag
build: Fix mingw ssl gdi32 order
- If mingw ssl make sure -lgdi32 comes after ssl libs
- Allow PKG_CONFIG to set pkg-config location and options
Bug: https://github.com/bagder/curl/pull/501
Reported-by: Kang Lin
show more ...
|
| #
fe7590f7 |
| 19-Oct-2015 |
Jonas Minnberg |
vtls: added support for mbedTLS
closes #496
|
| #
5cf01666 |
| 17-Oct-2015 |
Daniel Stenberg |
configure: add PSL to the list of features
... to make test 1014 work again after e77b5b7453.
|
| #
e77b5b74 |
| 29-Sep-2015 |
Tim Rühsen |
cookies: Add support for Mozilla's Publix Suffix List
Use libpsl to check the domain value of Set-Cookie headers (and cookie
jar entries) for not being a Publix Suffix.
The conf
cookies: Add support for Mozilla's Publix Suffix List
Use libpsl to check the domain value of Set-Cookie headers (and cookie
jar entries) for not being a Publix Suffix.
The configure script checks for "libpsl" by default. Disable the check
with --without-libpsl.
Ref: https://publicsuffix.org/
Ref: https://github.com/publicsuffix/list
Ref: https://github.com/rockdaboot/libpsl
show more ...
|
| #
3771da33 |
| 07-Oct-2015 |
Daniel Stenberg |
configure: build silently by default
'make V=1' will make the build verbose like before
|
| #
6b56901b |
| 21-Sep-2015 |
Mike Crowe |
gnutls: Support CURLOPT_KEYPASSWD
The gnutls vtls back-end was previously ignoring any password set via
CURLOPT_KEYPASSWD. Presumably this was because
gnutls_certificate_set_x509_key
gnutls: Support CURLOPT_KEYPASSWD
The gnutls vtls back-end was previously ignoring any password set via
CURLOPT_KEYPASSWD. Presumably this was because
gnutls_certificate_set_x509_key_file did not support encrypted keys.
gnutls now has a gnutls_certificate_set_x509_key_file2 function that
does support encrypted keys. Let's determine at compile time whether the
available gnutls supports this new function. If it does then use it to
pass the password. If it does not then emit a helpful diagnostic if a
password is set. This is preferable to the previous behaviour of just
failing to read the certificate without giving a reason in that case.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
show more ...
|
| #
eb8283bb |
| 30-Aug-2015 |
Daniel Stenberg |
configure: check for HMAC_Update in openssl
Turns out HMAC_Init is now deprecated in openssl master (and I spelled
HMAC_Init_ex wrong in previous commit)
|
| #
2c12ac8d |
| 21-Aug-2015 |
Daniel Stenberg |
configure: detect latest boringssl
Since boringssl brought back DES_set_odd_parity again, it cannot be used
to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
see
configure: detect latest boringssl
Since boringssl brought back DES_set_odd_parity again, it cannot be used
to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define
seems better anyway.
URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
Original-patch-by: Bertrand Simonnet
Closes #393
show more ...
|
| #
30aa38c8 |
| 21-Aug-2015 |
Daniel Stenberg |
configure: change functions to detect openssl (clones)
... since boringssl moved the former ones and the check started to fail.
URL: https://android.googlesource.com/platform/extern
configure: change functions to detect openssl (clones)
... since boringssl moved the former ones and the check started to fail.
URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/
Original-patch-by: Bertrand Simonnet
show more ...
|
| #
0b8e9c85 |
| 10-Aug-2015 |
Daniel Stenberg |
Revert "configure: disable libidn by default"
This reverts commit e6749055d65398315fd77f5b5b8234c5552ac2d3.
... since libidn has since been fixed.
|
| #
a284b0eb |
| 25-Jul-2015 |
Daniel Stenberg |
configure: check if OpenSSL linking wants -ldl
To make it easier to link with static versions of OpenSSL, the configure
script now checks if -ldl is needed for linking.
Help-by:
configure: check if OpenSSL linking wants -ldl
To make it easier to link with static versions of OpenSSL, the configure
script now checks if -ldl is needed for linking.
Help-by: TJ Saunders
show more ...
|
