Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						d314453037 
					 
					
						
						
							
							yassl doesn't have SSL_get_shutdown() in its OpenSSL() layer so we check for  
						
						... 
						
						
						
						it and avoid it, even if this cripples the CCC command 
						
						
					 
					
						2007-03-14 23:40:46 +00:00 
						 
				 
			
				
					
						
							
							
								Gisle Vanem 
							
						 
					 
					
						
						
							
						
						c514a2a89a 
					 
					
						
						
							
							Removed inclusion of <sys/types.h> and <sys/stat.h> in .c-files  
						
						... 
						
						
						
						since they're already included through "setup.h". 
						
						
					 
					
						2007-02-26 04:24:26 +00:00 
						 
				 
			
				
					
						
							
							
								Yang Tse 
							
						 
					 
					
						
						
							
						
						3a634a273a 
					 
					
						
						
							
							curlassert macro replaced with DEBUGASSERT macro defined in setup_once.h  
						
						
						
						
					 
					
						2007-02-21 19:03:20 +00:00 
						 
				 
			
				
					
						
							
							
								Linus Nielsen Feltzing 
							
						 
					 
					
						
						
							
						
						2f5e99ca02 
					 
					
						
						
							
							New FTP CCC functionality - adds passive and active mode to accomodate for different server behaviour  
						
						
						
						
					 
					
						2007-02-20 22:02:11 +00:00 
						 
				 
			
				
					
						
							
							
								Yang Tse 
							
						 
					 
					
						
						
							
						
						a1d5983991 
					 
					
						
						
							
							use macros ERRNO, SET_ERRNO(), SOCKERRNO and SET_SOCKERRNO() for errno handling  
						
						
						
						
					 
					
						2007-02-16 18:19:35 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						91386937ff 
					 
					
						
						
							
							- Michael Wallner provided a patch that adds support for CURLOPT_TIMEOUT_MS  
						
						... 
						
						
						
						and CURLOPT_CONNECTTIMEOUT_MS that, as their names should hint, do the
  timeouts with millisecond resolution instead. The only restriction to that
  is the alarm() (sometimes) used to abort name resolves as that uses full
  seconds. I fixed the FTP response timeout part of the patch.
  Internally we now count and keep the timeouts in milliseconds but it also
  means we multiply set timeouts with 1000. The effect of this is that no
  timeout can be set to more than 2^31 milliseconds (on 32 bit systems), which
  equals 24.86 days.  We probably couldn't before either since the code did
  *1000 on the timeout values on several places already. 
						
						
					 
					
						2007-02-05 22:51:32 +00:00 
						 
				 
			
				
					
						
							
							
								Dan Fandrich 
							
						 
					 
					
						
						
							
						
						9e61c904ac 
					 
					
						
						
							
							Display crypto engine name correctly in debug message.  
						
						
						
						
					 
					
						2007-01-10 21:21:53 +00:00 
						 
				 
			
				
					
						
							
							
								Linus Nielsen Feltzing 
							
						 
					 
					
						
						
							
						
						55123424c8 
					 
					
						
						
							
							Removed unused variable in Curl_ossl_shutdown()  
						
						
						
						
					 
					
						2007-01-08 10:03:19 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						4750e6f3c5 
					 
					
						
						
							
							- Linus Nielsen Feltzing introduced the --ftp-ssl-ccc command line option to  
						
						... 
						
						
						
						curl that uses the new CURLOPT_FTP_SSL_CCC option in libcurl. If enabled, it
  will make libcurl shutdown SSL/TLS after the authentication is done on a
  FTP-SSL operation. 
						
						
					 
					
						2007-01-05 23:11:14 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						be0d17e812 
					 
					
						
						
							
							cleaned up Curl_write() and the sub functions it uses for various protocols.  
						
						... 
						
						
						
						They all now return ssize_t to Curl_write().
Unfortunately, Curl_read() is in a sorrier state but it too would benefit from
a similar cleanup. 
						
						
					 
					
						2006-11-11 21:34:43 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						f830d77307 
					 
					
						
						
							
							Bradford Bruce reported that when setting CURLOPT_DEBUGFUNCTION without  
						
						... 
						
						
						
						CURLOPT_VERBOSE set to non-zero, you still got a few debug messages from the
SSL handshake. This is now stopped. 
						
						
					 
					
						2006-11-08 21:49:14 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						4e717cdb30 
					 
					
						
						
							
							Armel Asselin separated CA cert verification problems from problems with  
						
						... 
						
						
						
						reading the (local) CA cert file to let users easier pinpoint the actual
problem. CURLE_SSL_CACERT_BADFILE (77) is the new libcurl error code. 
						
						
					 
					
						2006-10-21 11:32:05 +00:00 
						 
				 
			
				
					
						
							
							
								Yang Tse 
							
						 
					 
					
						
						
							
						
						ec956b0334 
					 
					
						
						
							
							Explicit typecast for Curl_debug() size argument  
						
						
						
						
					 
					
						2006-10-17 10:04:13 +00:00 
						 
				 
			
				
					
						
							
							
								Yang Tse 
							
						 
					 
					
						
						
							
						
						c30e908034 
					 
					
						
						
							
							Compiler warning fix  
						
						
						
						
					 
					
						2006-09-10 23:37:42 +00:00 
						 
				 
			
				
					
						
							
							
								Yang Tse 
							
						 
					 
					
						
						
							
						
						d157c29269 
					 
					
						
						
							
							Fix compiler warnings  
						
						
						
						
					 
					
						2006-07-19 21:14:02 +00:00 
						 
				 
			
				
					
						
							
							
								Yang Tse 
							
						 
					 
					
						
						
							
						
						483a586d55 
					 
					
						
						
							
							Avoid variable declaration shadowing previously declared one  
						
						
						
						
					 
					
						2006-07-19 18:46:56 +00:00 
						 
				 
			
				
					
						
							
							
								Yang Tse 
							
						 
					 
					
						
						
							
						
						f3c508f6e8 
					 
					
						
						
							
							Update error buffer size used for SSL_strerror()  
						
						
						
						
					 
					
						2006-07-17 05:05:57 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						a3949c7786 
					 
					
						
						
							
							with a very recent yassl, we now can display 'yassl' when the OpenSSL API is  
						
						... 
						
						
						
						in fact provided by yassl instead 
						
						
					 
					
						2006-06-29 07:35:02 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						8df5dcb193 
					 
					
						
						
							
							proper use of newlines  
						
						
						
						
					 
					
						2006-06-09 12:07:34 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						2bd3033f68 
					 
					
						
						
							
							NTLM2 session response support  
						
						
						
						
					 
					
						2006-06-07 14:14:04 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						c9c5ce2365 
					 
					
						
						
							
							David McCreedy provided a fix for CURLINFO_LASTSOCKET that does extended  
						
						... 
						
						
						
						checks on the to-be-returned socket to make sure it truly seems to be alive
and well. For SSL connection it (only) uses OpenSSL functions. 
						
						
					 
					
						2006-05-10 22:17:42 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						1946058e7b 
					 
					
						
						
							
							Robson Braga Araujo fixed two problems in the recently added non-blocking SSL  
						
						... 
						
						
						
						connects. The state machine was not reset properly so that subsequent
connects using the same handle would fail, and there were two memory leaks. 
						
						
					 
					
						2006-05-09 12:43:49 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						9bece2b313 
					 
					
						
						
							
							additional renames of Curl_ourerrno => Curl_sockerrno  
						
						
						
						
					 
					
						2006-05-05 10:24:27 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						e85e30546c 
					 
					
						
						
							
							Roland Blom filed bug report  #1481217  
						
						... 
						
						
						
						(http://curl.haxx.se/bug/view.cgi?id=1481217 ), with follow-ups by Michele Bini
and David Byron. libcurl previously wrongly used GetLastError() on windows to
get error details after socket-related function calls, when it really should
use WSAGetLastError() instead.
When changing to this, the former function Curl_ourerrno() is now instead
called Curl_sockerrno() as it is necessary to only use it to get errno from
socket-related functions as otherwise it won't work as intended on Windows. 
						
						
					 
					
						2006-05-04 22:39:47 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						38898ba4af 
					 
					
						
						
							
							corrected the SSL timeout, as Ates Goral's patch did it and that works (opposed  
						
						... 
						
						
						
						to my previous brain-damaged version) 
						
						
					 
					
						2006-04-18 22:10:19 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						676597e961 
					 
					
						
						
							
							Ates Goral found out that if you specified both CURLOPT_CONNECTTIMEOUT and  
						
						... 
						
						
						
						CURLOPT_TIMEOUT, the _longer_ time would wrongly be used for the SSL
connection time-out! 
						
						
					 
					
						2006-04-10 21:49:55 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						5a4b43848a 
					 
					
						
						
							
							First commit of David McCreedy's EBCDIC and TPF changes.  
						
						
						
						
					 
					
						2006-04-07 21:50:47 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						83367f67de 
					 
					
						
						
							
							Xavier Bouchoux made the SSL connection non-blocking for the multi interface  
						
						... 
						
						
						
						(when using OpenSSL). 
						
						
					 
					
						2006-03-21 21:54:44 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						d494d62953 
					 
					
						
						
							
							David McCreedy found a use of the wrong variable when display the error  
						
						... 
						
						
						
						text from OpenSSL. 
						
						
					 
					
						2006-03-13 23:34:25 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						8bba99ae56 
					 
					
						
						
							
							Lots of users on Windows have reported getting the "SSL: couldn't set  
						
						... 
						
						
						
						callback" error message so I've now made the setting of that callback not be
as critical as before. The function is only used for additional loggging/
trace anyway so a failure just means slightly less data. It should still be
able to proceed and connect fine to the server. 
						
						
					 
					
						2006-03-06 22:35:51 +00:00 
						 
				 
			
				
					
						
							
							
								Dan Fandrich 
							
						 
					 
					
						
						
							
						
						178afd81a9 
					 
					
						
						
							
							Fixed lcc compiler warnings.  
						
						
						
						
					 
					
						2005-12-19 19:47:14 +00:00 
						 
				 
			
				
					
						
							
							
								Dan Fandrich 
							
						 
					 
					
						
						
							
						
						e2df946eee 
					 
					
						
						
							
							Fixed some compiler warnings on lcc.  
						
						
						
						
					 
					
						2005-12-13 18:54:31 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						083c5e17e1 
					 
					
						
						
							
							Yang Tse fixed: Openssl 0.9.9 makes 'const' the SSL_METHOD parameter in  
						
						... 
						
						
						
						SSL_CTX_new and others, and also makes functions SSLv23_client_method,
TLSv1_client_method, etc return a 'const' SSL_METHOD pointer. Previous
versions do not use the 'const' qualifier. 
						
						
					 
					
						2005-12-05 15:14:04 +00:00 
						 
				 
			
				
					
						
							
							
								Gisle Vanem 
							
						 
					 
					
						
						
							
						
						67b4d9b232 
					 
					
						
						
							
							Recent OpenSSL returns a 'const' in '*_client_method()'. So avoid  
						
						... 
						
						
						
						'assignment discards qualifiers from pointer target type' warning. 
						
						
					 
					
						2005-12-04 18:47:36 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						9ace303528 
					 
					
						
						
							
							Yang Tse fixed compiler warnings  
						
						
						
						
					 
					
						2005-11-13 23:53:14 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						20b17d6b04 
					 
					
						
						
							
							the debug callback was called with CURLINFO_TEXT with the data size one  
						
						... 
						
						
						
						too big 
						
						
					 
					
						2005-08-10 22:57:14 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						4e26b2a65b 
					 
					
						
						
							
							fix compiler warning  
						
						
						
						
					 
					
						2005-04-13 06:52:03 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						6e61939382 
					 
					
						
						
							
							GnuTLS support added. There's now a "generic" SSL layer that we use all over  
						
						... 
						
						
						
						internally, with code provided by sslgen.c. All SSL-layer-specific code is
then written in ssluse.c (for OpenSSL) and gtls.c (for GnuTLS).
As far as possible, internals should not need to know what SSL layer that is
in use. Building with GnuTLS currently makes two test cases fail.
TODO.gnutls contains a few known outstanding issues for the GnuTLS support.
GnuTLS support is enabled with configure --with-gnutls 
						
						
					 
					
						2005-04-07 15:27:13 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						ab4086bc24 
					 
					
						
						
							
							Updated the copyright year since changes have been this year.  
						
						
						
						
					 
					
						2005-03-31 07:02:02 +00:00 
						 
				 
			
				
					
						
							
							
								Dan Fandrich 
							
						 
					 
					
						
						
							
						
						b01151e81c 
					 
					
						
						
							
							Reduced the length of data read from the random entropy file.  
						
						
						
						
					 
					
						2005-03-04 22:36:56 +00:00 
						 
				 
			
				
					
						
							
							
								Dan Fandrich 
							
						 
					 
					
						
						
							
						
						67bd6f9ccd 
					 
					
						
						
							
							Don't try to read the whole of the random file because when /dev/urandom is  
						
						... 
						
						
						
						used, it slows initialization too much reading an infinitely long file! 
						
						
					 
					
						2005-03-04 20:10:29 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						446b9467da 
					 
					
						
						
							
							init fix for non-SSL builds  
						
						
						
						
					 
					
						2005-02-10 07:45:08 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						61a1e3cd01 
					 
					
						
						
							
							better error checking and SSL init by David Byron  
						
						
						
						
					 
					
						2005-02-09 23:04:51 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						83bab78bda 
					 
					
						
						
							
							Hzhijun reported a memory leak in the SSL certificate code, that leaked the  
						
						... 
						
						
						
						remote certificate name when it didn't match the used host name. 
						
						
					 
					
						2005-01-10 09:48:39 +00:00 
						 
				 
			
				
					
						
							
							
								Gisle Vanem 
							
						 
					 
					
						
						
							
						
						754d6c3abd 
					 
					
						
						
							
							Remove 'data' initialiser.  
						
						
						
						
					 
					
						2004-12-19 11:39:34 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						3d647b9a98 
					 
					
						
						
							
							if the pkcs12.h header exists, include it already in urldata.h to work around  
						
						... 
						
						
						
						a precedence problem with the zlib header. See CHANGES for details. 
						
						
					 
					
						2004-12-19 09:37:32 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						8ad47a13e5 
					 
					
						
						
							
							Samuel Listopad added support for PKCS12 formatted certificates.  
						
						
						
						
					 
					
						2004-12-18 10:42:48 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Stenberg 
							
						 
					 
					
						
						
							
						
						553082e24a 
					 
					
						
						
							
							prevent compiler warning when built without engine support  
						
						
						
						
					 
					
						2004-12-14 22:06:25 +00:00 
						 
				 
			
				
					
						
							
							
								Dan Fandrich 
							
						 
					 
					
						
						
							
						
						10d6d8b2ae 
					 
					
						
						
							
							Header files are in openssl/ only if USE_OPENSSL is set.  
						
						
						
						
					 
					
						2004-12-14 20:25:23 +00:00 
						 
				 
			
				
					
						
							
							
								Gisle Vanem 
							
						 
					 
					
						
						
							
						
						7d3f5d7ac1 
					 
					
						
						
							
							urldata.h: Removed engine_list.  
						
						... 
						
						
						
						ssluse.*: Added SSL_strerror(). Curl_SSL_engines_list() now returns a slist
which must be freed by caller. 
						
						
					 
					
						2004-12-14 14:20:21 +00:00