| #
1f877b0f |
| 18-Jul-2024 |
Orgad Shaneh |
md4: fix compilation with OpenSSL 1.x with md4 disabled
If OpenSSL 1.x is used, and it is configured with md4 disabled,
OPENSSL_NO_MD4 is defined in opensslconf.h, but this header was no
md4: fix compilation with OpenSSL 1.x with md4 disabled
If OpenSSL 1.x is used, and it is configured with md4 disabled,
OPENSSL_NO_MD4 is defined in opensslconf.h, but this header was not
included before checking for this define.
Later in md4.c, openssl/md4.h is included, and it includes that header
indirectly, leading to inconsistency within md4.c.
Since the md4.h branch was taken, wincrypt.h (or others) is not
included, and later below the USE_WIN32_CRYPTO branch is taken, but the
types are not defined.
Closes #14218
show more ...
|
| #
c074ba64 |
| 01-Jul-2024 |
Daniel Stenberg |
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
code: language cleanup in comments
Based on the standards and guidelines we use for our documentation.
- expand contractions (they're => they are etc)
- host name = > hostname
- file name => filename
- user name = username
- man page => manpage
- run-time => runtime
- set-up => setup
- back-end => backend
- a HTTP => an HTTP
- Two spaces after a period => one space after period
Closes #14073
show more ...
|
| #
ca8cb245 |
| 21-May-2024 |
Viktor Szakats |
cmake: fix building with both md4 and md5 in unity mode
Macro and static function names were colliding between
`lib/md4.c` and
`lib/md5.c`.
Fix it by namespacing these symbo
cmake: fix building with both md4 and md5 in unity mode
Macro and static function names were colliding between
`lib/md4.c` and
`lib/md5.c`.
Fix it by namespacing these symbols.
Seen with a basic macOS build using these options:
`-DCMAKE_UNITY_BUILD=ON -DCURL_USE_SECTRANSP=ON`
Closes #13737
show more ...
|
| #
3774b8a9 |
| 15-Apr-2024 |
Viktor Szakats |
mbedtls: fix building with v3 in CMake Unity mode
Before this patch the internal feature detection macro
`HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS` was defined in three files,
with an
mbedtls: fix building with v3 in CMake Unity mode
Before this patch the internal feature detection macro
`HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS` was defined in three files,
with an incomplete logic in one of them. In Unity mode that spilled
into another source file and broke the build.
Closes #13377
show more ...
|
| #
5cc2b016 |
| 05-Feb-2024 |
Daniel Stenberg |
md4: include strdup.h for the memdup proto
Reported-by: Erik Schnetter
Fixes #12849
Closes #12863
|
| #
7309b9cb |
| 05-Dec-2023 |
Daniel Stenberg |
lib: strndup/memdup instead of malloc, memcpy and null-terminate
- bufref: use strndup
- cookie: use strndup
- formdata: use strndup
- ftp: use strndup
- gtls: use aprin
lib: strndup/memdup instead of malloc, memcpy and null-terminate
- bufref: use strndup
- cookie: use strndup
- formdata: use strndup
- ftp: use strndup
- gtls: use aprintf instead of malloc + strcpy * 2
- http: use strndup
- mbedtls: use strndup
- md4: use memdup
- ntlm: use memdup
- ntlm_sspi: use strndup
- pingpong: use memdup
- rtsp: use strndup instead of malloc, memcpy and null-terminate
- sectransp: use strndup
- socks_gssapi.c: use memdup
- vtls: use dynbuf instead of malloc, snprintf and memcpy
- vtls: use strdup instead of malloc + memcpy
- wolfssh: use strndup
Closes #12453
show more ...
|
| #
9fb6cc54 |
| 08-Nov-2023 |
Viktor Szakats |
tidy-up: use `OPENSSL_VERSION_NUMBER`
Uniformly use `OPENSSL_VERSION_NUMBER` to check for OpenSSL version.
Before this patch some places used `OPENSSL_VERSION_MAJOR`.
Also fix `
tidy-up: use `OPENSSL_VERSION_NUMBER`
Uniformly use `OPENSSL_VERSION_NUMBER` to check for OpenSSL version.
Before this patch some places used `OPENSSL_VERSION_MAJOR`.
Also fix `lib/md4.c`, which included `opensslconf.h`, but that doesn't
define any version number in these implementations: BoringSSL, AWS-LC,
LibreSSL, wolfSSL. (Only in mainline OpenSSL/quictls). Switch that to
`opensslv.h`. This wasn't causing a deeper problem because the code is
looking for v3, which is only provided by OpenSSL/quictls as of now.
According to https://github.com/openssl/openssl/issues/17517, the macro
`OPENSSL_VERSION_NUMBER` is safe to use and not deprecated.
Reviewed-by: Marcel Raad
Closes #12298
show more ...
|
| #
22eb9893 |
| 10-Mar-2023 |
Daniel Gustafsson |
crypto: ensure crypto initialization works
Make sure that context initialization during hash setup works to avoid
going forward with the risk of a null pointer dereference.
Repo
crypto: ensure crypto initialization works
Make sure that context initialization during hash setup works to avoid
going forward with the risk of a null pointer dereference.
Reported-by: Philippe Antoine on HackerOne
Assisted-by: Jay Satiro
Assisted-by: Daniel Stenberg
Closes #11614
show more ...
|
| #
2a154560 |
| 11-May-2023 |
Marcel Raad |
md(4|5): don't use deprecated iOS functions
They are marked as deprecated in iOS 13.0, which might result in
warnings-as-errors.
Also, use `*_MIN_REQUIRED` instead of `*_MIN_ALL
md(4|5): don't use deprecated iOS functions
They are marked as deprecated in iOS 13.0, which might result in
warnings-as-errors.
Also, use `*_MIN_REQUIRED` instead of `*_MIN_ALLOWED`, which seems to
be what's currently used.
Bug: https://github.com/curl/curl/issues/11098
Closes https://github.com/curl/curl/pull/11102
show more ...
|
| #
e5875985 |
| 11-May-2023 |
Marcel Raad |
md4: only build when used
Its only usage in curl_ntlm_core.c is guarded by `USE_CURL_NTLM_CORE`,
so let's use this here too.
Ref: https://github.com/curl/curl/issues/11098
C
md4: only build when used
Its only usage in curl_ntlm_core.c is guarded by `USE_CURL_NTLM_CORE`,
so let's use this here too.
Ref: https://github.com/curl/curl/issues/11098
Closes https://github.com/curl/curl/pull/11102
show more ...
|
| #
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes #10205
show more ...
|
| #
aef4dc89 |
| 22-Dec-2022 |
Daniel Stenberg |
md4: fix build with GnuTLS + OpenSSL v1
Reported-by: Esdras de Morais da Silva
Fixes #10110
Closes #10142
|
| #
279834dd |
| 24-Oct-2022 |
Daniel Stenberg |
misc: remove duplicated include files
Closes #9796
|
| #
e1acfafa |
| 07-Aug-2022 |
Futaura |
amissl: make AmiSSL v5 a minimum requirement
AmiSSL v5 is the latest version, featuring a port of OpenSSL 3.0.
Support for previous OpenSSL 1.1.x versions has been dropped, so
makes
amissl: make AmiSSL v5 a minimum requirement
AmiSSL v5 is the latest version, featuring a port of OpenSSL 3.0.
Support for previous OpenSSL 1.1.x versions has been dropped, so
makes sense to enforce v5 as the minimum requirement. This also
allows all the AmiSSL stub workarounds to be removed as they are
now provided in a link library in the AmiSSL SDK.
Closes #9267
show more ...
|
| #
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes #8869
show more ...
|
| #
835a2053 |
| 17-May-2022 |
Elms |
wolfSSL: explicitly use compatibility layer
This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
wolfSSL: explicitly use compatibility layer
This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
are used to explicitly use wolfSSL includes. This fixes cmake builds as
well as avoiding potentially using openSSL headers since include path
order is not guaranteed.
Closes #8864
show more ...
|
| #
21248e05 |
| 25-Dec-2021 |
Daniel Stenberg |
checksrc: detect more kinds of NULL comparisons we avoid
Co-authored-by: Jay Satiro
Closes #8180
|
| #
e12dc2dd |
| 01-Oct-2021 |
Hayden Roche |
wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity
Prior to this commit, OpenSSL could be used for all these functions, but
not wolfSSL. This commit makes it so wolfSSL will b
wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity
Prior to this commit, OpenSSL could be used for all these functions, but
not wolfSSL. This commit makes it so wolfSSL will be used if USE_WOLFSSL
is defined.
Closes #7806
show more ...
|
| #
3f126138 |
| 30-Jul-2021 |
Benau |
mbedTLS: initial 3.0.0 support
Closes #7428
|
| #
063d3f3b |
| 19-Apr-2021 |
Daniel Stenberg |
tidy-up: make conditional checks more consistent
... remove '== NULL' and '!= 0'
Closes #6912
|
|
Revision tags: curl-7_76_1, curl-7_76_0 |
|
| #
e06fa746 |
| 18-Feb-2021 |
Daniel Stenberg |
gnutls: assume nettle crypto support
nettle has been the default crypto library with GnuTLS since 2010. By
dropping support for the previous libcrypto, we simplify code.
Closes
gnutls: assume nettle crypto support
nettle has been the default crypto library with GnuTLS since 2010. By
dropping support for the previous libcrypto, we simplify code.
Closes #6625
show more ...
|
|
Revision tags: curl-7_75_0, curl-7_74_0 |
|
| #
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home
Closes #6172
|
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0 |
|
| #
29987498 |
| 16-Jul-2020 |
Marcel Raad |
md(4|5): don't use deprecated macOS functions
They are marked as deprecated for -mmacosx-version-min >= 10.15,
which might result in warnings-as-errors.
Closes https://github.co
md(4|5): don't use deprecated macOS functions
They are marked as deprecated for -mmacosx-version-min >= 10.15,
which might result in warnings-as-errors.
Closes https://github.com/curl/curl/pull/5695
show more ...
|
|
Revision tags: curl-7_71_1, curl-7_71_0 |
|
| #
8df45547 |
| 13-May-2020 |
Daniel Stenberg |
source cleanup: remove all custom typedef structs
- Stick to a single unified way to use structs
- Make checksrc complain on 'typedef struct {'
- Allow them in tests, public heade
source cleanup: remove all custom typedef structs
- Stick to a single unified way to use structs
- Make checksrc complain on 'typedef struct {'
- Allow them in tests, public headers and examples
- Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually
typedef different types/structs depending on build conditions.
Closes #5338
show more ...
|
|
Revision tags: curl-7_70_0 |
|
| #
02174e41 |
| 23-Mar-2020 |
Daniel Stenberg |
openssl: adapt to functions marked as deprecated since version 3
OpenSSL 3 deprecates SSL_CTX_load_verify_locations and the MD4, DES
functions we use.
Fix the MD4 and SSL_CTX_lo
openssl: adapt to functions marked as deprecated since version 3
OpenSSL 3 deprecates SSL_CTX_load_verify_locations and the MD4, DES
functions we use.
Fix the MD4 and SSL_CTX_load_verify_locations warnings.
In configure, detect OpenSSL v3 and if so, inhibit the deprecation
warnings. OpenSSL v3 deprecates the DES functions we use for NTLM and
until we rewrite the code to use non-deprecated functions we better
ignore these warnings as they don't help us.
Closes #5139
show more ...
|
