Steve Holme
930be07067
http_negotiate_sspi: Use correct return type for QuerySecurityPackageInfo()
...
Use the SECURITY_STATUS typedef rather than a unsigned long for the
QuerySecurityPackageInfo() return and rename the variable as per other
areas of SSPI code.
2015-01-17 13:28:03 +00:00
Steve Holme
30eb6bbdc9
http_negotiate_sspi: Use 'CURLcode result' for CURL result code
2015-01-17 13:15:09 +00:00
Steve Holme
a2f8887b79
curl_endian: Fixed build when 64-bit integers are not supported (Part 2)
...
Missed Curl_read64_be() in commit bb12d44471 :(
2015-01-16 23:01:27 +00:00
Daniel Stenberg
b2c01f02d5
CURLOPT_SSL_VERIFYSTATUS.3: mention it is added in version 7.41.0
2015-01-16 23:41:50 +01:00
Daniel Stenberg
c807ce73ed
curlver.h: next release is 7.41.0 due to the changes
2015-01-16 23:36:50 +01:00
Daniel Stenberg
af8928a23b
RELEASE-NOTES: mention the new OCSP stapling options, bump version
2015-01-16 23:36:02 +01:00
Daniel Stenberg
14a6cfaddb
opts: add CURLOPT_SSL_VERIFYSTATUS* to docs/Makefile
2015-01-16 23:34:28 +01:00
Daniel Stenberg
0b1f37e77c
help: add --cert-status to --help output
2015-01-16 23:23:29 +01:00
Daniel Stenberg
a4065ebf1c
copyright years: after OCSP stapling changes
2015-01-16 23:23:29 +01:00
Alessandro Ghedini
bd0c3b3c66
curl: add --cert-status option
...
This enables the CURLOPT_SSL_VERIFYSTATUS functionality.
2015-01-16 23:23:29 +01:00
Alessandro Ghedini
f46c6fbee0
nss: add support for the Certificate Status Request TLS extension
...
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.
This requires NSS 3.15 or higher.
2015-01-16 23:23:29 +01:00
Alessandro Ghedini
f13669a375
gtls: add support for the Certificate Status Request TLS extension
...
Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8.
This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use
at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP
response verfication to fail even on valid responses.
2015-01-16 23:23:29 +01:00
Alessandro Ghedini
3af90a6e19
url: add CURLOPT_SSL_VERIFYSTATUS option
...
This option can be used to enable/disable certificate status verification using
the "Certificate Status Request" TLS extension defined in RFC6066 section 8.
This also adds the CURLE_SSL_INVALIDCERTSTATUS error, to be used when the
certificate status verification fails, and the Curl_ssl_cert_status_request()
function, used to check whether the SSL backend supports the status_request
extension.
2015-01-16 23:23:29 +01:00
Daniel Stenberg
5e113a18c5
TheArtOfHttpScripting: skip the date at the top, we have git
2015-01-16 23:23:29 +01:00
Daniel Stenberg
5940e06f01
TheArtOfHttpScripting: phrase it TLS lib agnostic
2015-01-16 23:23:29 +01:00
Steve Holme
5c73cdef62
TODO: Added some SMB ideas
2015-01-16 22:22:28 +00:00
Steve Holme
251a349055
RELEASE-NOTES: Synced with 5f09947d28
2015-01-16 21:52:21 +00:00
Steve Holme
5f09947d28
build-openssl.bat: Added check for Perl installation
2015-01-16 21:15:52 +00:00
Steve Holme
224cf1c274
checksrc.bat: Better detection of Perl installation
2015-01-16 21:14:22 +00:00
Steve Holme
bb12d44471
curl_endian: Fixed build when 64-bit integers are not supported
...
Bug: http://curl.haxx.se/mail/lib-2015-01/0094.html
Reported-by: John E. Malmberg
2015-01-16 12:31:24 +00:00
Yun SangHo
bcf07f8a4b
curl.h: remove extra space
2015-01-15 23:41:32 +01:00
Daniel Stenberg
cc28bc472e
Curl_pretransfer: reset expected transfer sizes
...
Reported-by: Mohammad AlSaleh
Bug: http://curl.haxx.se/mail/lib-2015-01/0065.html
2015-01-14 23:31:57 +01:00
Marc Hoersken
e9834808e9
curl_schannel.c: mark session as removed from cache if not freed
...
If the session is still used by active SSL/TLS connections, it
cannot be closed yet. Thus we mark the session as not being cached
any longer so that the reference counting mechanism in
Curl_schannel_shutdown is used to close and free the session.
Reported-by: Jean-Francois Durand
2015-01-12 21:56:05 +01:00
Steve Holme
710c38d7a4
RELEASE-NOTES: Synced with d21b66835f
2015-01-09 22:20:35 +00:00
Guenter Knauf
d21b66835f
Merge pull request #134 from vszakats/mingw-m64
...
add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS
2015-01-09 22:03:12 +01:00
Guenter Knauf
4e58589b0e
Merge pull request #136 from vszakats/mingw-allow-custom-cflags
...
mingw build: allow to pass custom CFLAGS
2015-01-09 22:02:23 +01:00
Daniel Stenberg
e6b4b4b66d
NSS: fix compiler error when built http2-enabled
2015-01-09 21:55:52 +01:00
Steve Holme
355bf01c82
gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitions
...
Better code reuse and consistency in calls to gss_import_name().
2015-01-09 20:37:47 +00:00
Viktor Szakats
b4f13a4952
mingw build: allow to pass custom CFLAGS
2015-01-09 21:03:54 +01:00
Daniel Stenberg
99e71e6a84
FTP: if EPSV fails on IPV6 connections, bail out
...
... instead of trying PASV, since PASV can't work with IPv6.
Reported-by: Vojtěch Král
2015-01-08 22:32:37 +01:00
Daniel Stenberg
9a452ba3a1
FTP: fix IPv6 host using link-local address
...
... and make sure we can connect the data connection to a host name that
is longer than 48 bytes.
Also simplifies the code somewhat by re-using the original host name
more, as it is likely still in the DNS cache.
Original-Patch-by: Vojtěch Král
Bug: http://curl.haxx.se/bug/view.cgi?id=1468
2015-01-08 22:32:37 +01:00
Sam Schanken
659d252b6f
winbuild: Added option to build with c-ares
...
Added support for a WITH_CARES option to be used when invoking nmake
via Makefile.vc. This option enables linking against both the DLL and
static versions of the c-ares libraries, as well as the debug and
release varients, depending on the value of DEBUG. The USE_ARES
preprocessor symbol is also defined.
2015-01-08 21:12:43 +00:00
Guenter Knauf
c712fe01a9
NetWare build: added TLS-SRP enabled build.
2015-01-08 21:40:35 +01:00
Steve Holme
5c0e66d632
sasl_gssapi: Fixed build on NetBSD with built-in GSS-API
...
Bug: http://curl.haxx.se/bug/view.cgi?id=1469
Reported-by: Thomas Klausner
2015-01-08 19:36:58 +00:00
Viktor Szakats
acc8089bc2
add -m64 clags when targeting mingw64, add -m32/-m64 to LDFLAGS
2015-01-08 18:19:03 +01:00
Daniel Stenberg
34636fa47e
bump: start working towards 7.40.1
2015-01-08 10:00:28 +01:00
Daniel Stenberg
003076e17c
THANKS: 14 new contributors from the 7.40.0 release notes
2015-01-08 09:57:19 +01:00
Daniel Stenberg
9ce2d70019
RELEASE-NOTES: version 7.40.0
curl-7_40_0
2015-01-07 23:08:53 +01:00
Daniel Stenberg
4ce22c607b
darwinssl: fix session ID keys to only reuse identical sessions
...
...to avoid a session ID getting cached without certificate checking and
then after a subsequent _enabling_ of the check libcurl could still
re-use the session done without cert checks.
Bug: http://curl.haxx.se/docs/adv_20150108A.html
Reported-by: Marc Hesse
2015-01-07 22:55:56 +01:00
Daniel Stenberg
3df8e78860
tests: make sure CRLFs can't be used in URLs passed to proxy
...
Bug: http://curl.haxx.se/docs/adv_20150108B.html
2015-01-07 22:55:56 +01:00
Daniel Stenberg
178bd7db34
url-parsing: reject CRLFs within URLs
...
Bug: http://curl.haxx.se/docs/adv_20150108B.html
Reported-by: Andrey Labunets
2015-01-07 22:55:56 +01:00
Steve Holme
f7d5ecec9c
ldap: Convert attribute output to UTF-8 when Unicode
2015-01-07 20:01:29 +00:00
Steve Holme
4e420600c1
ldap: Convert DN output to UTF-8 when Unicode
2015-01-07 20:01:27 +00:00
Daniel Stenberg
9547954978
hostip: remove 'stale' argument from Curl_fetch_addr proto
...
Also, remove the log output of the resolved name is NOT in the cache in
the spirit of only telling when something is actually happening.
2015-01-07 14:06:12 +00:00
Steve Holme
4626f31d0e
ldap/imap: Fixed spelling mistake in comments and variable names
...
Reported-by: Michael Osipov
2015-01-07 13:50:56 +00:00
Daniel Stenberg
c07857e063
RELEASE-NOTES: updated with ./contributors.sh output
2015-01-07 12:41:02 +01:00
Dan Fandrich
39217edb12
curl_multibyte.h: Eliminated some trailing whitespace
2015-01-05 10:08:08 +01:00
Steve Holme
241a67f73b
RELEASE-NOTES: Synced with ea93252ef1
2015-01-04 22:58:19 +00:00
Steve Holme
ea93252ef1
ldap: Fixed Unicode usage for all Win32 builds
...
Otherwise, the fixes in the previous commits would only be applicable
to IDN and SSPI based builds and not others such as OpenSSL with LDAP
enabled.
2015-01-04 22:19:30 +00:00
Steve Holme
f6b168de4c
ldap: Fixed memory leak from commit efb64fdf80
2015-01-04 20:33:58 +00:00