#
fb823d24 |
| 18-Apr-2016 |
Daniel Stenberg |
configure: remove check for libresolve 'strncasecmp' was once provided by libresolv (no trailing e) for SunOS, but this check is broken and most likely adds nothing useful. Removing
configure: remove check for libresolve 'strncasecmp' was once provided by libresolv (no trailing e) for SunOS, but this check is broken and most likely adds nothing useful. Removing now. Reported-by: Irfan Adilovic Discussed in #770
show more ...
|
#
79216287 |
| 29-Mar-2016 |
Jay Satiro |
wolfssl: Use ECC supported curves extension https://github.com/wolfSSL/wolfssl/issues/366
|
#
a43b22e0 |
| 28-Mar-2016 |
Jay Satiro |
wolfssl: Add ALPN support
|
Revision tags: curl-7_48_0 |
|
#
3ae77f07 |
| 25-Feb-2016 |
Jay Satiro |
configure: warn on invalid ca bundle or path - Warn if --with-ca-bundle file does not exist. - Warn if --with-ca-path directory does not contain certificates. - Improve hel
configure: warn on invalid ca bundle or path - Warn if --with-ca-bundle file does not exist. - Warn if --with-ca-path directory does not contain certificates. - Improve help messages for both. Example configure output: ca cert bundle: /some/file (warning: certs not found) ca cert path: /some/dir (warning: certs not found) Bug: https://github.com/curl/curl/issues/404 Reported-by: Jeffrey Walton
show more ...
|
#
6b64d735 |
| 09-Feb-2016 |
Daniel Stenberg |
configure: state "BoringSSL" in summary when that was detected
|
#
39c803cb |
| 09-Feb-2016 |
David Benjamin |
openssl: remove most BoringSSL #ifdefs. As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of BoringSSL #ifdefs in cURL should be unnecessary: - BoringSSL pro
openssl: remove most BoringSSL #ifdefs. As of https://boringssl-review.googlesource.com/#/c/6980/, almost all of BoringSSL #ifdefs in cURL should be unnecessary: - BoringSSL provides no-op stubs for compatibility which replaces most #ifdefs. - DES_set_odd_parity has been in BoringSSL for nearly a year now. Remove the compatibility codepath. - With a small tweak to an extend_key_56_to_64 call, the NTLM code builds fine. - Switch OCSP-related #ifdefs to the more generally useful OPENSSL_NO_OCSP. The only #ifdefs which remain are Curl_ossl_version and the #undefs to work around OpenSSL and wincrypt.h name conflicts. (BoringSSL leaves that to the consumer. The in-header workaround makes things sensitive to include order.) This change errs on the side of removing conditionals despite many of the restored codepaths being no-ops. (BoringSSL generally adds no-op compatibility stubs when possible. OPENSSL_VERSION_NUMBER #ifdefs are bad enough!) Closes #640
show more ...
|
Revision tags: curl-7_47_1, curl-7_47_0, curl-7_46_0, curl-7_45_0, curl-7_44_0, curl-7_43_0, curl-7_42_1, curl-7_42_0 |
|
#
7b55279d |
| 24-Mar-2015 |
Ludwig Nussel |
configure: --with-ca-fallback: use built-in TLS CA fallback When trying to verify a peer without having any root CA certificates set, this makes libcurl use the TLS library's built in de
configure: --with-ca-fallback: use built-in TLS CA fallback When trying to verify a peer without having any root CA certificates set, this makes libcurl use the TLS library's built in default as fallback. Closes #569
show more ...
|
#
4af40b36 |
| 02-Feb-2016 |
Daniel Stenberg |
URLs: change all http:// URLs to https://
|
#
d33dd0b1 |
| 02-Feb-2016 |
Daniel Stenberg |
configure: update the copyright year range in output
|
#
4bed87f8 |
| 12-Jan-2016 |
Daniel Stenberg |
configure: assume IPv6 works when cross-compiled The configure test uses AC_TRY_RUN to figure out if an ipv6 socket works, and testing like that doesn't work for cross-compiles. These da
configure: assume IPv6 works when cross-compiled The configure test uses AC_TRY_RUN to figure out if an ipv6 socket works, and testing like that doesn't work for cross-compiles. These days IPv6 support is widespread so a blind guess is probably more likely to be 'yes' than 'no' now. Further: anyone who cross-compiles can use configure's --disable-ipv6 to explicitly disable IPv6 and that also works for cross-compiles. Made happen after discussions in issue #594
show more ...
|
#
c208c783 |
| 17-Sep-2015 |
Johannes Schindelin |
configure: detect IPv6 support on Windows This patch was "nicked" from the MINGW-packages project by Daniel. https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb
configure: detect IPv6 support on Windows This patch was "nicked" from the MINGW-packages project by Daniel. https://github.com/Alexpux/MINGW-packages/commit/9253d0bf58a1486e91f7efb5316e7fdb48fa4007 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
show more ...
|
#
151da514 |
| 16-Dec-2015 |
Daniel Stenberg |
cyassl: deal with lack of *get_peer_certificate The function is only present in wolfssl/cyassl if it was built with --enable-opensslextra. With these checks added, pinning support is dis
cyassl: deal with lack of *get_peer_certificate The function is only present in wolfssl/cyassl if it was built with --enable-opensslextra. With these checks added, pinning support is disabled unless the TLS lib has that function available. Also fix the mistake in configure that checks for the wrong lib name. Closes #566
show more ...
|
#
1ff3a07b |
| 16-Dec-2015 |
Daniel Stenberg |
wolfssl: handle builds without SSLv3 support
|
#
be0d4141 |
| 20-Nov-2015 |
Daniel Shahaf |
build: Install zsh completion Fixes #534 Closes #537
|
#
72d99f2e |
| 23-Oct-2015 |
Jay Satiro |
build: Fix mingw ssl gdi32 order - If mingw ssl make sure -lgdi32 comes after ssl libs - Allow PKG_CONFIG to set pkg-config location and options Bug: https://github.com/bag
build: Fix mingw ssl gdi32 order - If mingw ssl make sure -lgdi32 comes after ssl libs - Allow PKG_CONFIG to set pkg-config location and options Bug: https://github.com/bagder/curl/pull/501 Reported-by: Kang Lin
show more ...
|
#
fe7590f7 |
| 19-Oct-2015 |
Jonas Minnberg |
vtls: added support for mbedTLS closes #496
|
#
5cf01666 |
| 17-Oct-2015 |
Daniel Stenberg |
configure: add PSL to the list of features ... to make test 1014 work again after e77b5b7453.
|
#
e77b5b74 |
| 29-Sep-2015 |
Tim Rühsen |
cookies: Add support for Mozilla's Publix Suffix List Use libpsl to check the domain value of Set-Cookie headers (and cookie jar entries) for not being a Publix Suffix. The conf
cookies: Add support for Mozilla's Publix Suffix List Use libpsl to check the domain value of Set-Cookie headers (and cookie jar entries) for not being a Publix Suffix. The configure script checks for "libpsl" by default. Disable the check with --without-libpsl. Ref: https://publicsuffix.org/ Ref: https://github.com/publicsuffix/list Ref: https://github.com/rockdaboot/libpsl
show more ...
|
#
3771da33 |
| 07-Oct-2015 |
Daniel Stenberg |
configure: build silently by default 'make V=1' will make the build verbose like before
|
#
6b56901b |
| 21-Sep-2015 |
Mike Crowe |
gnutls: Support CURLOPT_KEYPASSWD The gnutls vtls back-end was previously ignoring any password set via CURLOPT_KEYPASSWD. Presumably this was because gnutls_certificate_set_x509_key
gnutls: Support CURLOPT_KEYPASSWD The gnutls vtls back-end was previously ignoring any password set via CURLOPT_KEYPASSWD. Presumably this was because gnutls_certificate_set_x509_key_file did not support encrypted keys. gnutls now has a gnutls_certificate_set_x509_key_file2 function that does support encrypted keys. Let's determine at compile time whether the available gnutls supports this new function. If it does then use it to pass the password. If it does not then emit a helpful diagnostic if a password is set. This is preferable to the previous behaviour of just failing to read the certificate without giving a reason in that case. Signed-off-by: Mike Crowe <mac@mcrowe.com>
show more ...
|
#
eb8283bb |
| 30-Aug-2015 |
Daniel Stenberg |
configure: check for HMAC_Update in openssl Turns out HMAC_Init is now deprecated in openssl master (and I spelled HMAC_Init_ex wrong in previous commit)
|
#
2c12ac8d |
| 21-Aug-2015 |
Daniel Stenberg |
configure: detect latest boringssl Since boringssl brought back DES_set_odd_parity again, it cannot be used to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define see
configure: detect latest boringssl Since boringssl brought back DES_set_odd_parity again, it cannot be used to differentiate from boringssl. Using the OPENSSL_IS_BORINGSSL define seems better anyway. URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/ Original-patch-by: Bertrand Simonnet Closes #393
show more ...
|
#
30aa38c8 |
| 21-Aug-2015 |
Daniel Stenberg |
configure: change functions to detect openssl (clones) ... since boringssl moved the former ones and the check started to fail. URL: https://android.googlesource.com/platform/extern
configure: change functions to detect openssl (clones) ... since boringssl moved the former ones and the check started to fail. URL: https://android.googlesource.com/platform/external/curl/+/f551028d5caab29d4b4a4ae8c159c76c3cfd4887%5E!/ Original-patch-by: Bertrand Simonnet
show more ...
|
#
0b8e9c85 |
| 10-Aug-2015 |
Daniel Stenberg |
Revert "configure: disable libidn by default" This reverts commit e6749055d65398315fd77f5b5b8234c5552ac2d3. ... since libidn has since been fixed.
|
#
a284b0eb |
| 25-Jul-2015 |
Daniel Stenberg |
configure: check if OpenSSL linking wants -ldl To make it easier to link with static versions of OpenSSL, the configure script now checks if -ldl is needed for linking. Help-by:
configure: check if OpenSSL linking wants -ldl To make it easier to link with static versions of OpenSSL, the configure script now checks if -ldl is needed for linking. Help-by: TJ Saunders
show more ...
|