winbuild: Added support for VC15

winbuild: fix embedded manifest option

Embedded manifest option didn't work due to incorrect path.

Fixes https://github.com/curl/curl/issues/1832

winbuild: re-enable warning C4127 for curl tool

Disabled in cda19a345f6970e22fe8b7a808aeb8f086a21eac. It only needs to
be disabled for libcurl.

winbuild: build with warning level 4

This is consistent with 7bc64561a2e63ca93e4b0b31d350773ba80955c2, which
changed the warning level from 3 to 4 for the Visual Studio project
files

winbuild: build with warning level 4

This is consistent with 7bc64561a2e63ca93e4b0b31d350773ba80955c2, which
changed the warning level from 3 to 4 for the Visual Studio project
files. But disable the level 4 warning C4127 "conditional expression is
constant", as that one is issued by older versions of the Windows SDK
as well as curl itself under some circumstances.

Closes https://github.com/curl/curl/pull/1667

show more ...

curl_setup: always define WIN32_LEAN_AND_MEAN on Windows

Make sure to always define WIN32_LEAN_AND_MEAN before including any
Windows headers to avoid pulling in unnecessary headers. This

curl_setup: always define WIN32_LEAN_AND_MEAN on Windows

Make sure to always define WIN32_LEAN_AND_MEAN before including any
Windows headers to avoid pulling in unnecessary headers. This avoids
unnecessary macro clashes and compiler warnings.

Ref: https://github.com/curl/curl/issues/1562
Closes https://github.com/curl/curl/pull/1672

show more ...

winbuild: fix boringssl build

Compile with `WIN32_LEAN_AND_MEAN` which prevents `windows.h` from
including too much clutter including `wincrypt.h` which in turn contains
some preproc

winbuild: fix boringssl build

Compile with `WIN32_LEAN_AND_MEAN` which prevents `windows.h` from
including too much clutter including `wincrypt.h` which in turn contains
some preprocessor macros that clash with boringssl symbols.

Detect boringssl by checking the existance of `is_boringssl.h` and set
the corresponding `HAVE_BORINGSSL` for compilation which is used in
`ldap.c` to undefine the evil macros.

Closes #1610

show more ...

winbuild: fix the nghttp2 build

Closes #1321

winbuild: add basic support for OpenSSL 1.1.x

- Auto-detect OpenSSL 1.1 libs

Closes https://github.com/curl/curl/pull/1322

winbuild: add config option ENABLE_NGHTTP2

Closes #1141

winbuild: remove strcase.obj from curl build

Reported-by: Bruce Stephens

Fixes #1098

msvc builds: s/rawstr/strcase

Follow-up to 811a693b

winbuild: Allow changing C compiler via environment variable CC (#952)

This makes it possible to use specific compilers or a cache.

Sample use for clcache:
set CC=clcache.bat

winbuild: Allow changing C compiler via environment variable CC (#952)

This makes it possible to use specific compilers or a cache.

Sample use for clcache:
set CC=clcache.bat
nmake /f Makefile.vc DEBUG=no MODE=static VC=14 GEN_PDB=no

show more ...

winbuild: Free name $(CC) in Makefile (#950)

In the old line number 290, CC and CURL_CC had the same value. After
that, /DCURL_STATICLIB was added to CC but not CURL_CC (intended?).

winbuild: Free name $(CC) in Makefile (#950)

In the old line number 290, CC and CURL_CC had the same value. After
that, /DCURL_STATICLIB was added to CC but not CURL_CC (intended?).

This gets rid of the CC variable entirely. It is a first step to make it
possible to manualyl set a CC variable in order to be able to change the
compiler.

show more ...

winbuild: Avoid setting redundant CFLAGS to compile commands (#949)

$(CURL_CC) is always used with $(CURL_CFLAGS) appended, so before this,
all arguments in CURL_CFLAGS have been added t

winbuild: Avoid setting redundant CFLAGS to compile commands (#949)

$(CURL_CC) is always used with $(CURL_CFLAGS) appended, so before this,
all arguments in CURL_CFLAGS have been added twice.

show more ...

winbuild: fix embedded manifest option

Embedded manifest option didn't work due to typo.

Reported-by: Stefan Kanthak

schannel: add CURLOPT_CERTINFO support

Closes #822

winbuild: add mbedtls support

Add WITH_MBEDTLS option. Make WITH_SSL, WITH_MBEDTLS and ENABLE_WINSSL
options mutual exclusive.

Closes #606

build: Updated all makefiles and project files for the new vauth directory

Updated the makefiles and Visual Studio project files to support moving
the authentication code to the new lib/

build: Updated all makefiles and project files for the new vauth directory

Updated the makefiles and Visual Studio project files to support moving
the authentication code to the new lib/vauth directory that was started
in commit 0d04e859e1.

show more ...

URLs: change all http:// URLs to https://

makefile: Added support for VC14

openssl: remove all uses of USE_SSLEAY

SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
libr

openssl: remove all uses of USE_SSLEAY

SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
library since years. This is now reflected by only using USE_OPENSSL in
code that depends on OpenSSL.

show more ...

winbuild: Added option to build with c-ares

Added support for a WITH_CARES option to be used when invoking nmake
via Makefile.vc. This option enables linking against both the DLL and

winbuild: Added option to build with c-ares

Added support for a WITH_CARES option to be used when invoking nmake
via Makefile.vc. This option enables linking against both the DLL and
static versions of the c-ares libraries, as well as the debug and
release varients, depending on the value of DEBUG. The USE_ARES
preprocessor symbol is also defined.

show more ...

Remove all traces of FBOpenSSL SPNEGO support

This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which

Remove all traces of FBOpenSSL SPNEGO support

This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which will
actually be used to authenticate. This is *often* Kerberos, and can also
be NTLM and other things. And to complicate matters, there are various
different OIDs which can be used to specify the Kerberos mechanism too.

A SPNEGO exchange will identify *which* GSSAPI mechanism is being used,
and will exchange GSSAPI tokens which are appropriate for that mechanism.

But this SPNEGO implementation just strips the incoming SPNEGO packet
and extracts the token, if any. And completely discards the information
about *which* mechanism is being used. Then we *assume* it was Kerberos,
and feed the token into gss_init_sec_context() with the default
mechanism (GSS_S_NO_OID for the mech_type argument).

Furthermore... broken as this code is, it was never even *used* for input
tokens anyway, because higher layers of curl would just bail out if the
server actually said anything *back* to us in the negotiation. We assume
that we send a single token to the server, and it accepts it. If the server
wants to continue the exchange (as is required for NTLM and for SPNEGO
to do anything useful), then curl was broken anyway.

So the only bit which actually did anything was the bit in
Curl_output_negotiate(), which always generates an *initial* SPNEGO
token saying "Hey, I support only the Kerberos mechanism and this is its
token".

You could have done that by manually just prefixing the Kerberos token
with the appropriate bytes, if you weren't going to do any proper SPNEGO
handling. There's no need for the FBOpenSSL library at all.

The sane way to do SPNEGO is just to *ask* the GSSAPI library to do
SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context()
is for. And then it should all Just Work™.

That 'sane way' will be added in a subsequent patch, as will bug fixes
for our failure to handle any exchange other than a single outbound
token to the server which results in immediate success.

show more ...

winbuild: Fixed static OpenSSL builds following commit c50ce85918

winbuild: added warnless.c to fix build