]> granicus.if.org Git - curl/log
curl
9 years agontlm_core: Use own odd parity function when crypto engine doesn't have one
Steve Holme [Wed, 28 Jan 2015 20:59:27 +0000 (20:59 +0000)]
ntlm_core: Use own odd parity function when crypto engine doesn't have one

9 years agontlm_core: Prefer sizeof(key) rather than hard coded sizes
Steve Holme [Wed, 28 Jan 2015 20:55:06 +0000 (20:55 +0000)]
ntlm_core: Prefer sizeof(key) rather than hard coded sizes

9 years agontlm_core: Added consistent comments to DES functions
Steve Holme [Wed, 28 Jan 2015 20:53:40 +0000 (20:53 +0000)]
ntlm_core: Added consistent comments to DES functions

9 years agodes: Added Curl_des_set_odd_parity()
Steve Holme [Wed, 28 Jan 2015 20:43:32 +0000 (20:43 +0000)]
des: Added Curl_des_set_odd_parity()

Added Curl_des_set_odd_parity() for use when cryptography engines
don't include this functionality.

9 years agotests: Grouped SMTP SASL EXTERNAL tests with other SMTP tests
Steve Holme [Wed, 28 Jan 2015 19:45:54 +0000 (19:45 +0000)]
tests: Grouped SMTP SASL EXTERNAL tests with other SMTP tests

9 years agotests: Grouped POP3 SASL EXTERNAL tests with other POP3 tests
Steve Holme [Wed, 28 Jan 2015 19:40:03 +0000 (19:40 +0000)]
tests: Grouped POP3 SASL EXTERNAL tests with other POP3 tests

9 years agotests: Grouped IMAP SASL EXTERNAL tests with other IMAP tests
Steve Holme [Wed, 28 Jan 2015 19:35:35 +0000 (19:35 +0000)]
tests: Grouped IMAP SASL EXTERNAL tests with other IMAP tests

9 years agosasl: Minor code policing and grammar corrections
Steve Holme [Wed, 28 Jan 2015 19:11:19 +0000 (19:11 +0000)]
sasl: Minor code policing and grammar corrections

9 years agoldap: build with BoringSSL
Gisle Vanem [Wed, 28 Jan 2015 13:22:11 +0000 (14:22 +0100)]
ldap: build with BoringSSL

9 years agosecurity: avoid compiler warning
Daniel Stenberg [Wed, 28 Jan 2015 09:09:56 +0000 (10:09 +0100)]
security: avoid compiler warning

Possible access to uninitialised memory '&nread' at line 140 of
lib/security.c in function 'ftp_send_command'.

Reported-by: Rich Burridge
9 years agoruntests: identify BoringSSL and libressl
Daniel Stenberg [Fri, 23 Jan 2015 13:24:19 +0000 (14:24 +0100)]
runtests: identify BoringSSL and libressl

9 years agodocs: cite SASL external authentication.
Patrick Monnerat [Tue, 27 Jan 2015 18:10:18 +0000 (19:10 +0100)]
docs: cite SASL external authentication.

9 years agosasl: remove XOAUTH2 from default enabled authentication mechanism.
Patrick Monnerat [Tue, 27 Jan 2015 17:08:18 +0000 (18:08 +0100)]
sasl: remove XOAUTH2 from default enabled authentication mechanism.

9 years agotest: add test cases for sasl external authentication (imap/pop3/smtp).
Patrick Monnerat [Tue, 27 Jan 2015 17:03:56 +0000 (18:03 +0100)]
test: add test cases for sasl external authentication (imap/pop3/smtp).

9 years agoimap: remove automatic password setting: it breaks external sasl authentication
Patrick Monnerat [Tue, 27 Jan 2015 16:34:40 +0000 (17:34 +0100)]
imap: remove automatic password setting: it breaks external sasl authentication

9 years agosasl: implement EXTERNAL authentication mechanism.
Patrick Monnerat [Tue, 27 Jan 2015 16:24:55 +0000 (17:24 +0100)]
sasl: implement EXTERNAL authentication mechanism.
  Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
by not setting the password.

9 years agoopenssl: Fixed Curl_ossl_cert_status_request() not returning FALSE
Steve Holme [Tue, 27 Jan 2015 11:55:19 +0000 (11:55 +0000)]
openssl: Fixed Curl_ossl_cert_status_request() not returning FALSE

Modified the Curl_ossl_cert_status_request() function to return FALSE
when built with BoringSSL or when OpenSSL is missing the necessary TLS
extensions.

9 years agoopenssl: Fixed compilation errors when OpenSSL built with 'no-tlsext'
Steve Holme [Tue, 27 Jan 2015 11:52:14 +0000 (11:52 +0000)]
openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext'

Fixed the build of openssl.c when OpenSSL is built without the necessary
TLS extensions for OCSP stapling.

Reported-by: John E. Malmberg
9 years agocurl_setup: Disable SMB/CIFS support when HTTP only
Brad Spencer [Mon, 26 Jan 2015 16:15:32 +0000 (12:15 -0400)]
curl_setup: Disable SMB/CIFS support when HTTP only

9 years agoRELEASE-NOTES: Synced with 37824498a3
Steve Holme [Fri, 23 Jan 2015 07:57:09 +0000 (07:57 +0000)]
RELEASE-NOTES: Synced with 37824498a3

9 years agoconfigure: remove detection of the old yassl emulation API
Daniel Stenberg [Thu, 22 Jan 2015 22:53:52 +0000 (23:53 +0100)]
configure: remove detection of the old yassl emulation API

... as that is ancient history and not used.

9 years agoOCSP stapling: disabled when build with BoringSSL
Daniel Stenberg [Thu, 22 Jan 2015 22:34:43 +0000 (23:34 +0100)]
OCSP stapling: disabled when build with BoringSSL

9 years agoopenssl: add support for the Certificate Status Request TLS extension
Alessandro Ghedini [Mon, 16 Jun 2014 13:05:17 +0000 (15:05 +0200)]
openssl: add support for the Certificate Status Request TLS extension

Also known as "status_request" or OCSP stapling, defined in RFC6066
section 8.

Thanks-to: Joe Mason
- for the work-around for the OpenSSL bug.

9 years agoBoringSSL: fix build for non-configure builds
Daniel Stenberg [Thu, 22 Jan 2015 22:04:10 +0000 (23:04 +0100)]
BoringSSL: fix build for non-configure builds

HAVE_BORINGSSL gets defined now by configure and should be defined by
other build systems in case a BoringSSL build is desired.

9 years agoconfigure: fix BoringSSL detection and detect libresssl
Daniel Stenberg [Thu, 22 Jan 2015 21:51:17 +0000 (22:51 +0100)]
configure: fix BoringSSL detection and detect libresssl

9 years agocurl_sasl: Reinstate the sasl_ prefix for locally scoped functions
Steve Holme [Thu, 22 Jan 2015 20:58:15 +0000 (20:58 +0000)]
curl_sasl: Reinstate the sasl_ prefix for locally scoped functions

Commit 7a8b2885e2 made some functions static and removed the public
Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which
is the naming convention we use in this source file.

9 years agocurl_sasl: Minor code policing following recent commits
Steve Holme [Thu, 22 Jan 2015 20:47:38 +0000 (20:47 +0000)]
curl_sasl: Minor code policing following recent commits

9 years agoopenvms: Handle openssl/0.8.9zb version parsing
John Malmberg [Fri, 16 Jan 2015 03:28:34 +0000 (21:28 -0600)]
openvms: Handle openssl/0.8.9zb version parsing

packages/vms/gnv_link_curl.com was assuming only a single letter suffix
in the openssl version.  That assumption has been fixed for 7.40.

9 years agoBoringSSL: detected by configure, switches off NTLM
Daniel Stenberg [Thu, 22 Jan 2015 15:34:18 +0000 (16:34 +0100)]
BoringSSL: detected by configure, switches off NTLM

9 years agoBoringSSL: no PKCS12 support nor ERR_remove_state
Daniel Stenberg [Thu, 22 Jan 2015 15:20:26 +0000 (16:20 +0100)]
BoringSSL: no PKCS12 support nor ERR_remove_state

9 years agoBoringSSL: fix build
Leith Bade [Thu, 22 Jan 2015 11:42:50 +0000 (22:42 +1100)]
BoringSSL: fix build

9 years agocurl_sasl.c: chlglen is not used when cryptography is disabled
Steve Holme [Tue, 20 Jan 2015 19:28:54 +0000 (19:28 +0000)]
curl_sasl.c: chlglen is not used when cryptography is disabled

9 years agocurl_sasl.c: Fixed compilation warning when cyptography is disabled
Steve Holme [Tue, 20 Jan 2015 19:25:43 +0000 (19:25 +0000)]
curl_sasl.c: Fixed compilation warning when cyptography is disabled

curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
                  variable

9 years agocurl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined
Steve Holme [Tue, 20 Jan 2015 19:21:56 +0000 (19:21 +0000)]
curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined

curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier

This error could also happen for non-SSPI builds when cryptography is
disabled (CURL_DISABLE_CRYPTO_AUTH is defined).

9 years agoSASL: make some procedures local-scoped
Patrick Monnerat [Tue, 20 Jan 2015 17:17:55 +0000 (18:17 +0100)]
SASL: make some procedures local-scoped

9 years agoSASL: common state engine for imap/pop3/smtp
Patrick Monnerat [Tue, 20 Jan 2015 16:33:05 +0000 (17:33 +0100)]
SASL: common state engine for imap/pop3/smtp

9 years agoSASL: common URL option and auth capabilities decoders for all protocols
Patrick Monnerat [Tue, 20 Jan 2015 14:27:25 +0000 (15:27 +0100)]
SASL: common URL option and auth capabilities decoders for all protocols

9 years agoIMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.
Patrick Monnerat [Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)]
IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.

9 years agoipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6
Daniel Stenberg [Tue, 20 Jan 2015 08:03:55 +0000 (09:03 +0100)]
ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6

Reported-by: Chris Young
9 years agotimeval: typecast for better type (on Amiga)
Chris Young [Tue, 20 Jan 2015 07:53:14 +0000 (08:53 +0100)]
timeval: typecast for better type (on Amiga)

There is an issue with conflicting "struct timeval" definitions with
certain AmigaOS releases and C libraries, depending on what gets
included when.  It's a minor difference - the OS one is unsigned,
whereas the common structure has signed elements.  If the OS one ends up
getting defined, this causes a timing calculation error in curl.

It's easy enough to resolve this at the curl end, by casting the
potentially errorneous calculation to a signed long.

9 years agoopenssl: do public key pinning check independently
Daniel Stenberg [Mon, 19 Jan 2015 22:18:58 +0000 (23:18 +0100)]
openssl: do public key pinning check independently

... of the other cert verification checks so that you can set verifyhost
and verifypeer to FALSE and still check the public key.

Bug: http://curl.haxx.se/bug/view.cgi?id=1471
Reported-by: Kyle J. McKay
9 years agoOS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too.
Patrick Monnerat [Mon, 19 Jan 2015 12:52:40 +0000 (13:52 +0100)]
OS400: CURLOPT_SSL_VERIFYSTATUS for ILE/RPG too.

9 years agoldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP
Steve Holme [Sun, 18 Jan 2015 20:25:37 +0000 (20:25 +0000)]
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP

For consistency with other USE_WIN32_ defines as well as the
USE_OPENLDAP define.

9 years agohttp_negotiate: Use dynamic buffer for SPN generation
Steve Holme [Sun, 18 Jan 2015 17:36:59 +0000 (17:36 +0000)]
http_negotiate: Use dynamic buffer for SPN generation

Use a dynamicly allocated buffer for the temporary SPN variable similar
to how the SASL GSS-API code does, rather than using a fixed buffer of
2048 characters.

9 years agosasl_gssapi: Make Curl_sasl_build_gssapi_spn() public
Steve Holme [Sun, 18 Jan 2015 17:12:28 +0000 (17:12 +0000)]
sasl_gssapi: Make Curl_sasl_build_gssapi_spn() public

9 years agosasl_gssapi: Fixed memory leak with local SPN variable
Steve Holme [Sun, 18 Jan 2015 17:02:55 +0000 (17:02 +0000)]
sasl_gssapi: Fixed memory leak with local SPN variable

9 years agohttp_negotiate.c: unused variable 'ret'
Daniel Stenberg [Sat, 17 Jan 2015 22:14:40 +0000 (23:14 +0100)]
http_negotiate.c: unused variable 'ret'

9 years agogskit.h: Code policing of function pointer arguments
Steve Holme [Sat, 17 Jan 2015 16:49:39 +0000 (16:49 +0000)]
gskit.h: Code policing of function pointer arguments

9 years agovtls: Removed unimplemented overrides of curlssl_close_all()
Steve Holme [Sat, 17 Jan 2015 16:41:03 +0000 (16:41 +0000)]
vtls: Removed unimplemented overrides of curlssl_close_all()

Carrying on from commit 037cd0d991, removed the following unimplemented
instances of curlssl_close_all():

Curl_axtls_close_all()
Curl_darwinssl_close_all()
Curl_cyassl_close_all()
Curl_gskit_close_all()
Curl_gtls_close_all()
Curl_nss_close_all()
Curl_polarssl_close_all()

9 years agovtls: Separate the SSL backend definition from the API setup
Steve Holme [Sat, 17 Jan 2015 16:03:49 +0000 (16:03 +0000)]
vtls: Separate the SSL backend definition from the API setup

Slight code cleanup as the SSL backend #define is mixed up with the API
function setup.

9 years agovtls: Fixed compilation errors when SSL not used
Steve Holme [Sat, 17 Jan 2015 15:13:29 +0000 (15:13 +0000)]
vtls: Fixed compilation errors when SSL not used

Fixed the following warning and error from commit 3af90a6e19 when SSL
is not being used:

url.c:2004: warning C4013: 'Curl_ssl_cert_status_request' undefined;
            assuming extern returning int

error LNK2019: unresolved external symbol Curl_ssl_cert_status_request
               referenced in function Curl_setopt

9 years agohttp_negotiate: Added empty decoded challenge message info text
Steve Holme [Sat, 17 Jan 2015 11:59:44 +0000 (11:59 +0000)]
http_negotiate: Added empty decoded challenge message info text

9 years agohttp_negotiate: Return CURLcode in Curl_input_negotiate() instead of int
Steve Holme [Sat, 17 Jan 2015 11:56:27 +0000 (11:56 +0000)]
http_negotiate: Return CURLcode in Curl_input_negotiate() instead of int

9 years agohttp_negotiate_sspi: Prefer use of 'attrs' for context attributes
Steve Holme [Sat, 17 Jan 2015 11:27:36 +0000 (11:27 +0000)]
http_negotiate_sspi: Prefer use of 'attrs' for context attributes

Use the same variable name as other areas of SSPI code.

9 years agohttp_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo()
Steve Holme [Sat, 17 Jan 2015 11:24:06 +0000 (11:24 +0000)]
http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo()

Use the SECURITY_STATUS typedef rather than a unsigned long for the
QuerySecurityPackageInfo() return and rename the variable as per other
areas of SSPI code.

9 years agohttp_negotiate_sspi: Use 'CURLcode result' for CURL result code
Steve Holme [Sat, 17 Jan 2015 11:20:35 +0000 (11:20 +0000)]
http_negotiate_sspi: Use 'CURLcode result' for CURL result code

9 years agocurl_endian: Fixed build when 64-bit integers are not supported (Part 2)
Steve Holme [Fri, 16 Jan 2015 23:01:27 +0000 (23:01 +0000)]
curl_endian: Fixed build when 64-bit integers are not supported (Part 2)

Missed Curl_read64_be() in commit bb12d44471 :(

9 years agoCURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0
Daniel Stenberg [Fri, 16 Jan 2015 22:41:50 +0000 (23:41 +0100)]
CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0

9 years agocurlver.h: next release is 7.41.0 due to the changes
Daniel Stenberg [Fri, 16 Jan 2015 22:36:50 +0000 (23:36 +0100)]
curlver.h: next release is 7.41.0 due to the changes

9 years agoRELEASE-NOTES: mention the new OCSP stapling options, bump version
Daniel Stenberg [Fri, 16 Jan 2015 22:36:02 +0000 (23:36 +0100)]
RELEASE-NOTES: mention the new OCSP stapling options, bump version

9 years agoopts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile
Daniel Stenberg [Fri, 16 Jan 2015 22:34:28 +0000 (23:34 +0100)]
opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile

9 years agohelp: add --cert-status to --help output
Daniel Stenberg [Fri, 16 Jan 2015 22:19:36 +0000 (23:19 +0100)]
help: add --cert-status to --help output

9 years agocopyright years: after OCSP stapling changes
Daniel Stenberg [Fri, 16 Jan 2015 21:33:49 +0000 (22:33 +0100)]
copyright years: after OCSP stapling changes

9 years agocurl: add --cert-status option
Alessandro Ghedini [Mon, 16 Jun 2014 18:47:26 +0000 (20:47 +0200)]
curl: add --cert-status option

This enables the CURLOPT_SSL_VERIFYSTATUS functionality.

9 years agonss: add support for the Certificate Status Request TLS extension
Alessandro Ghedini [Tue, 24 Jun 2014 21:25:59 +0000 (23:25 +0200)]
nss: add support for the Certificate Status Request TLS extension

Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.

This requires NSS 3.15 or higher.

9 years agogtls: add support for the Certificate Status Request TLS extension
Alessandro Ghedini [Mon, 16 Jun 2014 11:21:02 +0000 (13:21 +0200)]
gtls: add support for the Certificate Status Request TLS extension

Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.

This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use
at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP
response verfication to fail even on valid responses.

9 years agourl: add CURLOPT_SSL_VERIFYSTATUS option
Alessandro Ghedini [Mon, 16 Jun 2014 11:20:47 +0000 (13:20 +0200)]
url: add CURLOPT_SSL_VERIFYSTATUS option

This option can be used to enable/disable certificate status verification using
the "Certificate Status Request" TLS extension defined in RFC6066 section 8.

This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
certificate status verification fails, and the Curl_ssl_cert_status_request()
function, used to check whether the SSL backend supports the status_request
extension.

9 years agoTheArtOfHttpScripting: skip the date at the top, we have git
Daniel Stenberg [Fri, 16 Jan 2015 13:17:16 +0000 (14:17 +0100)]
TheArtOfHttpScripting: skip the date at the top, we have git

9 years agoTheArtOfHttpScripting: phrase it TLS lib agnostic
Daniel Stenberg [Fri, 16 Jan 2015 13:16:31 +0000 (14:16 +0100)]
TheArtOfHttpScripting: phrase it TLS lib agnostic

9 years agoTODO: Added some SMB ideas
Steve Holme [Fri, 16 Jan 2015 21:59:20 +0000 (21:59 +0000)]
TODO: Added some SMB ideas

9 years agoRELEASE-NOTES: Synced with 5f09947d28
Steve Holme [Fri, 16 Jan 2015 21:52:21 +0000 (21:52 +0000)]
RELEASE-NOTES: Synced with 5f09947d28

9 years agobuild-openssl.bat: Added check for Perl installation
Steve Holme [Fri, 16 Jan 2015 20:57:36 +0000 (20:57 +0000)]
build-openssl.bat: Added check for Perl installation

9 years agochecksrc.bat: Better detection of Perl installation
Steve Holme [Fri, 16 Jan 2015 20:44:32 +0000 (20:44 +0000)]
checksrc.bat: Better detection of Perl installation

9 years agocurl_endian: Fixed build when 64-bit integers are not supported
Steve Holme [Fri, 16 Jan 2015 12:31:24 +0000 (12:31 +0000)]
curl_endian: Fixed build when 64-bit integers are not supported

Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html
Reported-by: John E. Malmberg
9 years agocurl.h: remove extra space
Yun SangHo [Thu, 15 Jan 2015 17:40:47 +0000 (02:40 +0900)]
curl.h: remove extra space

9 years agoCurl_pretransfer: reset expected transfer sizes
Daniel Stenberg [Wed, 14 Jan 2015 22:31:57 +0000 (23:31 +0100)]
Curl_pretransfer: reset expected transfer sizes

Reported-by: Mohammad AlSaleh
Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html

9 years agocurl_schannel.c: mark session as removed from cache if not freed
Marc Hoersken [Sat, 10 Jan 2015 16:46:02 +0000 (17:46 +0100)]
curl_schannel.c: mark session as removed from cache if not freed

If the session is still used by active SSL/TLS connections, it
cannot be closed yet. Thus we mark the session as not being cached
any longer so that the reference counting mechanism in
Curl_schannel_shutdown is used to close and free the session.

Reported-by: Jean-Francois Durand
10 years agoRELEASE-NOTES: Synced with d21b66835f
Steve Holme [Fri, 9 Jan 2015 21:09:23 +0000 (21:09 +0000)]
RELEASE-NOTES: Synced with d21b66835f

10 years agoMerge pull request #134 from vszakats/mingw-m64
Guenter Knauf [Fri, 9 Jan 2015 21:03:12 +0000 (22:03 +0100)]
Merge pull request #134 from vszakats/mingw-m64

add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS

10 years agoMerge pull request #136 from vszakats/mingw-allow-custom-cflags
Guenter Knauf [Fri, 9 Jan 2015 21:02:23 +0000 (22:02 +0100)]
Merge pull request #136 from vszakats/mingw-allow-custom-cflags

mingw build: allow to pass custom CFLAGS

10 years agoNSS: fix compiler error when built http2-enabled
Daniel Stenberg [Fri, 9 Jan 2015 20:55:31 +0000 (21:55 +0100)]
NSS: fix compiler error when built http2-enabled

10 years agogssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions
Steve Holme [Fri, 9 Jan 2015 20:29:26 +0000 (20:29 +0000)]
gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions

Better code reuse and consistency in calls to gss_import_name().

10 years agomingw build: allow to pass custom CFLAGS
Viktor Szakats [Fri, 9 Jan 2015 03:36:02 +0000 (04:36 +0100)]
mingw build: allow to pass custom CFLAGS

10 years agoFTP: if EPSV fails on IPV6 connections, bail out
Daniel Stenberg [Thu, 8 Jan 2015 19:43:32 +0000 (20:43 +0100)]
FTP: if EPSV fails on IPV6 connections, bail out

... instead of trying PASV, since PASV can't work with IPv6.

Reported-by: Vojtěch Král
10 years agoFTP: fix IPv6 host using link-local address
Daniel Stenberg [Thu, 8 Jan 2015 17:30:01 +0000 (18:30 +0100)]
FTP: fix IPv6 host using link-local address

... and make sure we can connect the data connection to a host name that
is longer than 48 bytes.

Also simplifies the code somewhat by re-using the original host name
more, as it is likely still in the DNS cache.

Original-Patch-by: Vojtěch Král
Bug: http://curl.haxx.se/bug/view.cgi?id=1468

10 years agowinbuild: Added option to build with c-ares
Sam Schanken [Mon, 29 Dec 2014 18:57:21 +0000 (10:57 -0800)]
winbuild: Added option to build with c-ares

Added support for a WITH_CARES option to be used when invoking nmake
via Makefile.vc. This option enables linking against both the DLL and
static versions of the c-ares libraries, as well as the debug and
release varients, depending on the value of DEBUG. The USE_ARES
preprocessor symbol is also defined.

10 years agoNetWare build: added TLS-SRP enabled build.
Guenter Knauf [Thu, 8 Jan 2015 20:40:35 +0000 (21:40 +0100)]
NetWare build: added TLS-SRP enabled build.

10 years agosasl_gssapi: Fixed build on NetBSD with built-in GSS-API
Steve Holme [Thu, 8 Jan 2015 19:23:53 +0000 (19:23 +0000)]
sasl_gssapi: Fixed build on NetBSD with built-in GSS-API

Bug: http://curl.haxx.se/bug/view.cgi?id=1469
Reported-by: Thomas Klausner
10 years agoadd -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS
Viktor Szakats [Thu, 8 Jan 2015 17:19:03 +0000 (18:19 +0100)]
add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS

10 years agobump: start working towards 7.40.1
Daniel Stenberg [Thu, 8 Jan 2015 09:00:28 +0000 (10:00 +0100)]
bump: start working towards 7.40.1

10 years agoTHANKS: 14 new contributors from the 7.40.0 release notes
Daniel Stenberg [Thu, 8 Jan 2015 08:57:19 +0000 (09:57 +0100)]
THANKS: 14 new contributors from the 7.40.0 release notes

10 years agoRELEASE-NOTES: version 7.40.0 curl-7_40_0
Daniel Stenberg [Wed, 7 Jan 2015 22:08:53 +0000 (23:08 +0100)]
RELEASE-NOTES: version 7.40.0

10 years agodarwinssl: fix session ID keys to only reuse identical sessions
Daniel Stenberg [Fri, 19 Dec 2014 07:50:00 +0000 (08:50 +0100)]
darwinssl: fix session ID keys to only reuse identical sessions

...to avoid a session ID getting cached without certificate checking and
then after a subsequent _enabling_ of the check libcurl could still
re-use the session done without cert checks.

Bug: http://curl.haxx.se/docs/adv_20150108A.html
Reported-by: Marc Hesse
10 years agotests: make sure CRLFs can't be used in URLs passed to proxy
Daniel Stenberg [Thu, 25 Dec 2014 22:51:43 +0000 (23:51 +0100)]
tests: make sure CRLFs can't be used in URLs passed to proxy

Bug: http://curl.haxx.se/docs/adv_20150108B.html

10 years agourl-parsing: reject CRLFs within URLs
Daniel Stenberg [Thu, 25 Dec 2014 22:55:03 +0000 (23:55 +0100)]
url-parsing: reject CRLFs within URLs

Bug: http://curl.haxx.se/docs/adv_20150108B.html
Reported-by: Andrey Labunets
10 years agoldap: Convert attribute output to UTF-8 when Unicode
Steve Holme [Wed, 7 Jan 2015 19:45:24 +0000 (19:45 +0000)]
ldap: Convert attribute output to UTF-8 when Unicode

10 years agoldap: Convert DN output to UTF-8 when Unicode
Steve Holme [Wed, 7 Jan 2015 19:19:20 +0000 (19:19 +0000)]
ldap: Convert DN output to UTF-8 when Unicode

10 years agohostip: remove 'stale' argument from Curl_fetch_addr proto
Daniel Stenberg [Tue, 6 Jan 2015 22:01:43 +0000 (22:01 +0000)]
hostip: remove 'stale' argument from Curl_fetch_addr proto

Also, remove the log output of the resolved name is NOT in the cache in
the spirit of only telling when something is actually happening.

10 years agoldap/imap: Fixed spelling mistake in comments and variable names
Steve Holme [Wed, 7 Jan 2015 13:50:56 +0000 (13:50 +0000)]
ldap/imap: Fixed spelling mistake in comments and variable names

Reported-by: Michael Osipov
10 years agoRELEASE-NOTES: updated with ./contributors.sh output
Daniel Stenberg [Wed, 7 Jan 2015 11:41:02 +0000 (12:41 +0100)]
RELEASE-NOTES: updated with ./contributors.sh output