#
abff1833 |
| 06-Sep-2018 |
Daniel Stenberg |
setopt: add CURLOPT_DOH_URL Closes #2668
|
Revision tags: curl-7_61_0 |
|
#
8541d02c |
| 28-May-2018 |
Patrick Monnerat |
psl: use latest psl and refresh it periodically The latest psl is cached in the multi or share handle. It is refreshed before use after 72 hours. New share lock CURL_LOCK_DATA_PSL co
psl: use latest psl and refresh it periodically The latest psl is cached in the multi or share handle. It is refreshed before use after 72 hours. New share lock CURL_LOCK_DATA_PSL controls the psl cache sharing. If the latest psl is not available, the builtin psl is used. Reported-by: Yaakov Selkowitz Fixes #2553 Closes #2601
show more ...
|
Revision tags: curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0, curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0 |
|
#
89963002 |
| 10-Mar-2017 |
Dan McNulty |
schannel: add support for CURLOPT_CAINFO - Move verify_certificate functionality in schannel.c into a new file called schannel_verify.c. Additionally, some structure defintions f
schannel: add support for CURLOPT_CAINFO - Move verify_certificate functionality in schannel.c into a new file called schannel_verify.c. Additionally, some structure defintions from schannel.c have been moved to schannel.h to allow them to be used in schannel_verify.c. - Make verify_certificate functionality for Schannel available on all versions of Windows instead of just Windows CE. verify_certificate will be invoked on Windows CE or when the user specifies CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER. - In verify_certificate, create a custom certificate chain engine that exclusively trusts the certificate store backed by the CURLOPT_CAINFO file. - doc updates of --cacert/CAINFO support for schannel - Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString when available. This implements a TODO in schannel.c to improve handling of multiple SANs in a certificate. In particular, all SANs will now be searched instead of just the first name. - Update tool_operate.c to not search for the curl-ca-bundle.crt file when using Schannel to maintain backward compatibility. Previously, any curl-ca-bundle.crt file found in that search would have been ignored by Schannel. But, with CAINFO support, the file found by that search would have been used as the certificate store and could cause issues for any users that have curl-ca-bundle.crt in the search path. - Update url.c to not set the build time CURL_CA_BUNDLE if the selected SSL backend is Schannel. We allow setting CA location for schannel only when explicitly specified by the user via CURLOPT_CAINFO / --cacert. - Add new test cases 3000 and 3001. These test cases check that the first and last SAN, respectively, matches the connection hostname. New test certificates have been added for these cases. For 3000, the certificate prefix is Server-localhost-firstSAN and for 3001, the certificate prefix is Server-localhost-secondSAN. - Remove TODO 15.2 (Add support for custom server certificate validation), this commit addresses it. Closes https://github.com/curl/curl/pull/1325
show more ...
|
#
e04417d9 |
| 29-Jan-2018 |
Max Dymond |
Curl_range: commonize FTP and FILE range handling Closes #2205
|
#
4272a0b0 |
| 28-Jan-2018 |
Daniel Stenberg |
curl_ctype: private is*() type macros and functions ... since the libc provided one are locale dependent in a way we don't want. Also, the "native" isalnum() (for example) works differen
curl_ctype: private is*() type macros and functions ... since the libc provided one are locale dependent in a way we don't want. Also, the "native" isalnum() (for example) works differently on different platforms which caused test 1307 failures on macos only. Closes #2269
show more ...
|
#
c92d2e14 |
| 23-Oct-2017 |
Nikos Mavrogiannopoulos |
Added support for libssh SSH SCP back-end libssh is an alternative library to libssh2. https://www.libssh.org/ That patch set also introduces support for ECDSA ed25519 keys,
Added support for libssh SSH SCP back-end libssh is an alternative library to libssh2. https://www.libssh.org/ That patch set also introduces support for ECDSA ed25519 keys, as well as gssapi authentication. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
show more ...
|
#
aa7668b9 |
| 10-Nov-2017 |
Daniel Stenberg |
setopt: split out curl_easy_setopt() to its own file ... to make url.c smaller. Closes #1944
|
#
2b5b37cb |
| 30-Sep-2017 |
Florin |
auth: add support for RFC7616 - HTTP Digest access authentication Signed-off-by: Florin <petriuc.florin@gmail.com>
|
#
ce0881ed |
| 02-Sep-2017 |
Patrick Monnerat |
mime: new MIME API. Available in HTTP, SMTP and IMAP. Deprecates the FORM API. See CURLOPT_MIMEPOST. Lib code and associated documentation.
|
Revision tags: curl-7_53_1, curl-7_53_0, curl-7_52_1, curl-7_52_0 |
|
#
f682156a |
| 11-Nov-2016 |
Daniel Stenberg |
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number o
Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
show more ...
|
Revision tags: curl-7_51_0 |
|
#
811a693b |
| 30-Sep-2016 |
Daniel Stenberg |
strcasecompare: all case insensitive string compares ignore locale now We had some confusions on when each function was used. We should not act differently on different locales anyway.
|
#
502acba2 |
| 30-Sep-2016 |
Daniel Stenberg |
strcasecompare: is the new name for strequal() ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the
strcasecompare: is the new name for strequal() ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
show more ...
|
Revision tags: curl-7_50_3, curl-7_50_2, curl-7_50_1, curl-7_50_0 |
|
#
6df916d7 |
| 29-May-2016 |
Steve Holme |
loadlibrary: Only load system DLLs from the system directory Inspiration provided by: Daniel Stenberg and Ray Satiro Bug: https://curl.haxx.se/docs/adv_20160530.html Ref: W
loadlibrary: Only load system DLLs from the system directory Inspiration provided by: Daniel Stenberg and Ray Satiro Bug: https://curl.haxx.se/docs/adv_20160530.html Ref: Windows DLL hijacking with curl, CVE-2016-4802
show more ...
|
Revision tags: curl-7_49_1, curl-7_49_0 |
|
#
f0bdd72c |
| 27-Mar-2016 |
Steve Holme |
http_ntlm: Renamed from curl_ntlm.[c|h] Renamed the header and source files for this module as they are HTTP specific and as such, they should use the naming convention as other HTTP
http_ntlm: Renamed from curl_ntlm.[c|h] Renamed the header and source files for this module as they are HTTP specific and as such, they should use the naming convention as other HTTP authentication source files do - this revert commit 260ee6b7bf. Note: We could also rename curl_ntlm_wb.[c|h], however, the Winbind code needs separating from the HTTP protocol and migrating into the vauth directory, thus adding support for Winbind to the SASL based protocols such as IMAP, POP3 and SMTP.
show more ...
|
Revision tags: curl-7_48_0 |
|
#
4adee194 |
| 13-Mar-2016 |
Steve Holme |
http_negotiate: Combine GSS-API and SSPI source files As the GSS-API and SSPI based source files are no longer library/API specific, following the extraction of that authentication code
http_negotiate: Combine GSS-API and SSPI source files As the GSS-API and SSPI based source files are no longer library/API specific, following the extraction of that authentication code to the vauth directory, combine these files rather than maintain two separate versions.
show more ...
|
#
6d6f9ca1 |
| 13-Mar-2016 |
Steve Holme |
vauth: Moved the Negotiate authentication code to the new vauth directory Part 2 of 2 - Moved the GSS-API based Negotiate authentication code.
|
#
ad5e9bfd |
| 13-Mar-2016 |
Steve Holme |
vauth: Moved the Negotiate authentication code to the new vauth directory Part 1 of 2 - Moved the SSPI based Negotiate authentication code.
|
#
7d2a5a05 |
| 13-Mar-2016 |
Steve Holme |
vauth: Updated the copyright year after recent changes As most of this work was performed in 2015 but not pushed until 2016 updated the copyright year to reflect the public facing change
vauth: Updated the copyright year after recent changes As most of this work was performed in 2015 but not pushed until 2016 updated the copyright year to reflect the public facing changes.
show more ...
|
Revision tags: curl-7_47_1, curl-7_47_0, curl-7_46_0, curl-7_45_0 |
|
#
70e56939 |
| 12-Sep-2015 |
Steve Holme |
vauth: Moved the OAuth 2.0 authentication code to the new vauth directory
|
#
6012fa5a |
| 12-Sep-2015 |
Steve Holme |
vauth: Moved the NTLM authentication code to the new vauth directory
|
#
e1dca8a1 |
| 12-Sep-2015 |
Steve Holme |
vauth: Moved the Kerberos V5 authentication code to the new vauth directory
|
#
51358a3f |
| 12-Sep-2015 |
Steve Holme |
vauth: Moved the DIGEST authentication code to the new vauth directory
|
#
ec5b8dc6 |
| 12-Sep-2015 |
Steve Holme |
vauth: Moved the CRAM-MD5 authentication code to the new vauth directory
|
#
6101e358 |
| 12-Sep-2015 |
Steve Holme |
vauth: Moved the ClearText authentication code to the new vauth directory
|
#
685fee38 |
| 12-Sep-2015 |
Steve Holme |
vauth: Moved Curl_sasl_build_spn() to create the initial vauth source files
|