Daniel Stenberg
ac2827ac09
openssl: do the OCSP work-around for libressl too
...
I tested with libressl git master now (v2.1.4-27-g34bf96c) and it seems to
still require the work-around for stapling to work.
2015-03-24 23:39:52 +01:00
Daniel Stenberg
bd9ac3cff2
openssl: verifystatus: only use the OCSP work-around <= 1.0.2a
...
URL: http://curl.haxx.se/mail/lib-2015-03/0205.html
Reported-by: Alessandro Ghedini
2015-03-24 23:06:37 +01:00
Daniel Stenberg
7e6ca87a72
openssl: adapt to ASN1/X509 things gone opaque in 1.1
2015-03-24 22:59:33 +01:00
Jay Satiro
9edf28e12d
curl_easy_setopt.3: Fix misspelling in CURLOPT_PATH_AS_IS description
2015-03-24 21:48:15 +01:00
Viktor Szakáts
bbd0dd3fe2
CURLOPT_HTTPHEADER.3: fix typo in recent commit
2015-03-24 21:48:02 +01:00
Viktor Szakáts
e438a9e2f0
CURLOPT_PATH_AS_IS.3: add type 'long' to prototype
2015-03-24 21:46:07 +01:00
Dan Fandrich
56ae66d518
vtls: fix compile with --disable-crypto-auth but with SSL
...
This is a strange combination of options, but is allowed.
2015-03-24 21:41:22 +01:00
Patrick Monnerat
ff4a4dd92e
os400: define new options in ILE/RPG binding.
2015-03-24 12:18:31 +01:00
Daniel Stenberg
ab6e6edb9e
RELEASE-NOTES: synced with f687860936
2015-03-24 11:15:47 +01:00
Daniel Stenberg
f687860936
curl_easy_setopt.3: Add CURLOPT_PATH_AS_IS
2015-03-24 11:06:38 +01:00
Daniel Stenberg
5d23279299
CURLOPT_PATH_AS_IS: added
...
--path-as-is is the command line option
Added docs in curl.1 and CURLOPT_PATH_AS_IS.3
Added test in test 1241
2015-03-24 10:31:58 +01:00
Yamada Yasuharu
ecc4940df2
curl_easy_recv/send: make them work with the multi interface
...
By making sure Curl_getconnectinfo() uses the correct connection cache
to find the last connection.
2015-03-23 22:46:58 +01:00
Daniel Stenberg
4b02b84897
http2: move the init too for when its actually needed
...
... it would otherwise lead to memory leakage if we never actually do
the switch.
2015-03-23 10:26:04 +01:00
Dan Fandrich
145c4692ff
dict: rename byte to avoid compiler shadowed declaration warning
...
This conflicted with a WolfSSL typedef.
2015-03-23 10:16:10 +01:00
Dan Fandrich
430006c5e2
cyassl: include version.h to ensure the version macros are defined
2015-03-23 10:10:03 +01:00
Dan Fandrich
148207e2d7
test1513: eliminated race condition in test run
...
It seems that some systems (e.g. fairly consistently in some recent
Solaris autobuilds) would manage to get to the connect phase before the
progress callback was called, resulting in a CURLE_COULDNT_CONNECT
error. Reworked the test to point at a test server that never returns a
full result so the progress callback always gets a chance to be called
before the transfer can complete in some other way.
2015-03-22 00:03:44 +01:00
Nick Zitzmann
7f5a170442
darwinsssl: add support for TLS False Start
...
TLS False Start support requires iOS 7.0 or later, or OS X 10.9 or later.
2015-03-21 12:22:56 -05:00
Daniel Stenberg
ed429b72d7
gtls: add check of return code
...
Coverity CID 1291167 pointed out that 'rc' was received but never used when
gnutls_credentials_set() was used. Added return code check now.
2015-03-21 16:53:43 +01:00
Daniel Stenberg
fea13a17d8
gtls: dereferencing NULL pointer
...
Coverity CID 1291165 pointed out 'chainp' could be dereferenced when
NULL if gnutls_certificate_get_peers() had previously failed.
2015-03-21 16:53:23 +01:00
Daniel Stenberg
5f6f9e8b59
gtls: avoid uninitialized variable.
...
Coverity CID 1291166 pointed out that we could read this variable
uninitialized.
2015-03-21 16:53:09 +01:00
Dan Fandrich
f9251a5c86
tests/certs: rebuild certificates with modified key usage bits
...
The certificates were missing the digitalSignature and keyAgreement
usage types, of which at least digitalSignature was checked by CyaSSL.
This caused the test server in test 310 (among others) to fail the
startup verification and therefore run (see
http://curl.haxx.se/mail/lib-2014-07/0303.html ).
2015-03-21 16:33:58 +01:00
Dan Fandrich
38c304a58f
tests/certs: added make target to rebuild certificates
...
The certificate generation scripts were also updated to better match the
format of the certificates currently checked in.
2015-03-21 16:33:58 +01:00
Daniel Stenberg
9cd4d6518f
x509asn1: add /* fallthrough */ in switch() case
2015-03-21 16:29:58 +01:00
Daniel Stenberg
e6917d3b77
x509asn1: minor edit to unconfuse Coverity
...
CID 1202732 warns on the previous use, although I cannot fine any
problems with it. I'm doing this change only to make the code use a more
familiar approach to accomplish the same thing.
2015-03-21 16:21:01 +01:00
Dagobert Michelsen
57dc2f7e40
testcurl: Allow '=' in values given on command line
2015-03-21 15:57:08 +01:00
Daniel Stenberg
b734518371
nss: error: unused variable 'connssl'
2015-03-21 15:47:03 +01:00
Dan Fandrich
61ff197a27
test938: added missing closing tags
2015-03-21 01:27:44 +01:00
Dan Fandrich
6779c50e26
cyassl: use new library version macro when available
2015-03-20 23:49:53 +01:00
Alessandro Ghedini
1f651d1d4d
curl: add --false-start option
2015-03-20 20:14:35 +01:00
Alessandro Ghedini
185914fd31
nss: add support for TLS False Start
2015-03-20 20:14:35 +01:00
Alessandro Ghedini
4dcd25e138
url: add CURLOPT_SSL_FALSESTART option
...
This option can be used to enable/disable TLS False Start defined in the RFC
draft-bmoeller-tls-falsestart.
2015-03-20 20:14:33 +01:00
Alessandro Ghedini
a332922a52
gtls: implement CURLOPT_CERTINFO
2015-03-20 19:03:53 +01:00
Alessandro Ghedini
8854f8d45a
openssl: try to avoid accessing OCSP structs when possible
2015-03-20 15:36:05 +01:00
Daniel Stenberg
9e8f9dbdd3
CURLOPT_URL.3: spelling!
...
Reported-by: Frank Gevaerts
2015-03-20 13:49:45 +01:00
Daniel Stenberg
620e0b23c8
CURLOPT_URL.3: Added "SECURITY CONCERNS"
2015-03-20 12:14:40 +01:00
Daniel Stenberg
2b7ac4e710
CURLOPT_HTTPHEADER.3: add a "SECURITY CONCERNS" section
2015-03-20 12:03:09 +01:00
Dan Fandrich
7868dc7103
cyassl: detect the library as renamed wolfssl
...
This change was made in CyaSSL/WolfSSL ver. 3.4.0
2015-03-19 23:51:40 +01:00
Daniel Stenberg
abfab1786e
HTTP: don't switch to HTTP/2 from 1.1 until we get the 101
...
We prematurely changed protocol handler to HTTP/2 which made things very
slow (and wrong).
Reported-by: Stefan Eissing
Bug: https://github.com/bagder/curl/issues/169
2015-03-19 13:44:18 +01:00
Dan Fandrich
9e66d3f4d3
axtls: version 1.5.2 now requires that config.h be manually included
2015-03-19 10:11:17 +01:00
Daniel Stenberg
1977ff811d
metalink: fix resource leak in OOM
...
Coverity CID 1288826
2015-03-19 09:08:08 +01:00
Dan Fandrich
8ecfaad2cc
docs/libcurl: clean up libcurl-symbols.3
2015-03-18 23:54:36 +01:00
Dan Fandrich
431c5261d2
docs/libcurl: check that all options with man pages are referenced
...
If a man page exists in the opts/ directory, it must also be referenced
either in curl_easy_setopt.3 or curl_multi_setopt.3
2015-03-18 23:44:45 +01:00
Dan Fandrich
d260a0aeeb
curl_easy_setopt.3: added a few missing options
2015-03-18 23:20:49 +01:00
Kamil Dudka
e3fbdc7c8a
nss: explicitly tell NSS to disable NPN/ALPN
...
... if disabled at libcurl level. Otherwise, we would allow to
negotiate NPN despite curl was invoked with the --no-npn option.
2015-03-18 19:43:14 +01:00
Jay Satiro
28de58504e
mkhelp: Remove trailing carriage return from every line of input
...
- Get rid of this flood of warnings in Windows mingw build:
warning: missing terminating " character
The warning is due to the carriage return. When msysgit checks out files
from the repo by default it converts the line endings to CRLF. Prior to
this change when mkhelp.pl processed the MANUAL and curl.1 in CRLF
format the trailing carriage returns caused unnecessary CR in the
output.
2015-03-18 13:48:36 +01:00
Daniel Stenberg
7e16aa936f
RELEASE-NOTES: synced with e539f01567
2015-03-18 08:37:54 +01:00
Christian Weisgerber
e539f01567
docs/libcurl: make portability fix
...
Using $< in a non-suffix rule context is a GNU make idiom. This bug was
introduced in 7.41.0.
2015-03-18 08:31:06 +01:00
Dan Fandrich
252e9acd50
checksrc: Fix whitelist on out-of-tree builds
2015-03-17 23:26:48 +01:00
Stefan Bühler
4d6e079dd2
Curl_sh_entry: remove unused 'timestamp'
2015-03-17 16:29:36 +01:00
Daniel Stenberg
ef1c3b4648
HTTP: don't use Expect: headers when on HTTP/2
...
Reported-by: Stefan Eissing
Bug: https://github.com/bagder/curl/issues/169
2015-03-17 15:09:34 +01:00