Dan Fandrich
447c31ce9d
gnutls: explicitly added SRP to the priority string
...
This seems to have become necessary for SRP support to work starting
with GnuTLS ver. 2.99.0. Since support for SRP was added to GnuTLS
before the function that takes this priority string, there should be no
issue with backward compatibility.
2014-07-12 00:11:44 +02:00
Dan Fandrich
baf8b57b1d
gnutls: ignore invalid certificate dates with VERIFYPEER disabled
...
This makes the behaviour consistent with what happens if a date can
be extracted from the certificate but is expired.
2014-07-11 23:21:31 +02:00
Daniel Stenberg
b99f8e8b4e
gnutls: allow building with nghttp2 but without ALPN support
...
It might not be the most useful combo, but...
2014-05-28 00:30:23 +02:00
Alessandro Ghedini
345bfab518
gnutls: don't use deprecated type names anymore
2014-05-28 00:27:33 +02:00
Daniel Stenberg
386ed2d590
gtls: fix NULL pointer dereference
...
gnutls_x509_crt_import() must not be called with a NULL certificate
Bug: http://curl.haxx.se/mail/lib-2014-04/0145.html
Reported-by: Damian Dixon
2014-04-22 23:24:31 +02:00
Daniel Stenberg
ef813c7097
http2: remove _DRAFT09 from the NPN_HTTP2 enum
...
We're progressing throught drafts so there's no point in having a fixed
one in a symbol that'll survive.
2014-03-31 08:40:24 +02:00
Fabian Frank
8f5a9147be
gtls: honor --[no-]alpn command line switch
...
Disable ALPN if requested by the user.
2014-02-11 22:54:37 +01:00
Fabian Frank
4d8db595ca
gtls: add ALPN support
...
Add ALPN support when using GnuTLS >= 3.2.0. This allows
libcurl to negotiate HTTP/2.0 for https connections when
built with GnuTLS.
See:
http://www.gnutls.org/manual/gnutls.html#Application-Layer-Protocol-Negotiation-_0028ALPN_0029
http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-04
2014-02-04 09:48:27 +01:00
Fabian Frank
39f7e80a52
disable GnuTLS insecure ciphers
...
Make GnuTLS old and new consistent, specify the desired protocol, cipher
and certificate type in always in both modes. Disable insecure ciphers
as reported by howsmyssl.com. Honor not only --sslv3, but also the
--tlsv1[.N] switches.
Related Bug: http://curl.haxx.se/bug/view.cgi?id=1323
2014-01-20 11:32:55 +01:00
Daniel Stenberg
4f334ba017
gtls: fix compiler warnings on conversions size_t => unsigned int
2014-01-19 23:26:01 +01:00
Steve Holme
f88f9bed00
vtls: Updated comments referencing sslgen.c and ssluse.c
2013-12-26 21:42:22 +00:00
Steve Holme
9aa6e4357a
vtls: Fixed up include of vtls.h
2013-12-26 21:25:51 +00:00
Daniel Stenberg
a47c142a88
vtls: moved all TLS/SSL source and header files into subdir
2013-12-20 17:12:42 +01:00