generic-library/curl

Go to file

Jay Satiro d58ba66eec mbedtls: Fix pinned key return value on fail

- Switch from verifying a pinned public key in a callback during the
certificate verification to inline after the certificate verification.

The callback method had three problems:

1. If a pinned public key didn't match, CURLE_SSL_PINNEDPUBKEYNOTMATCH
was not returned.

2. If peer certificate verification was disabled the pinned key
verification did not take place as it should.

3. (related to #2) If there was no certificate of depth 0 the callback
would not have checked the pinned public key.

Though all those problems could have been fixed it would have made the
code more complex. Instead we now verify inline after the certificate
verification in mbedtls_connect_step2.

Ref: http://curl.haxx.se/mail/lib-2016-01/0047.html
Ref: https://github.com/bagder/curl/pull/601

2016-01-18 03:48:10 -05:00

CMake

CMake: Put "winsock2.h" before "windows.h" during configure checks

2015-09-23 15:18:38 +02:00

docs

CURLINFO_RESPONSE_CODE.3: add example

2016-01-16 23:05:07 -05:00

include

curlver: the pending release will become 7.47.0

2015-12-15 00:02:20 +01:00

lib

mbedtls: Fix pinned key return value on fail

2016-01-18 03:48:10 -05:00

configure: detect IPv6 support on Windows

2015-12-20 23:48:25 +01:00

packages

os400: define CURL_VERSION_PSL in ILE/RPG binding

2015-12-07 10:09:33 +01:00

projects

projects/Windows/.gitignore: ignore generated files for release

2015-09-03 23:34:53 +02:00

scripts

scripts: don't generate and install zsh completion when cross-compiling

2016-01-11 23:32:30 +01:00

src

Makefile.inc: s/curl_SOURCES/CURL_FILES

2015-12-23 12:07:50 +01:00

tests

tests: Add a test for pinnedpubkey fail even when insecure

2016-01-18 03:10:10 -05:00

winbuild

winbuild: run buildconf.bat if necessary

2015-09-09 02:37:57 -04:00

.dir-locals.el

Add .dir-locals and set c-basic-offset to 2.

2015-12-23 10:16:14 +01:00

.gitattributes

Tell git to not convert configure-related files.

2012-07-17 20:35:23 +02:00

.gitignore

build: Install zsh completion

2015-11-24 22:22:01 +01:00

.travis.yml

travis.yml: Add OS X testbot.

2015-08-21 12:48:52 +02:00

acinclude.m4

acinclude: Remove check for 16-bit curl_off_t

2015-11-09 02:56:40 -05:00

appveyor.yml

CI: Added AppVeyor-CI for curl

2015-09-26 23:57:36 +02:00

buildconf

configure: remove missing and make it autogenerate

2015-04-30 18:40:35 +02:00

buildconf.bat

buildconf.bat: fix syntax error

2015-09-09 02:46:48 -04:00

CHANGES

CHANGES: refer to the online changelog

2015-08-06 15:28:27 +02:00

CHANGES.0

code/docs: Use correct case for IPv4 and IPv6

2014-12-27 11:31:55 +00:00

CMakeLists.txt

cmake: Fix for add_subdirectory(curl) use-case

2015-10-19 12:49:56 -04:00

configure.ac

configure: assume IPv6 works when cross-compiled

2016-01-12 10:30:54 +01:00

CONTRIBUTING.md

CONTRIBUTING.md: remove the sourceforge mention

2015-04-30 18:35:43 +02:00

COPYING

COPYING: update general copyright year range

2016-01-07 00:11:16 +01:00

CTestConfig.cmake

ENH: move dashboard location

2009-07-15 19:40:46 +00:00

curl-config.in

curl-config.in: eliminate double quotes around CURL_CA_BUNDLE

2015-02-25 10:23:07 +01:00

GIT-INFO

curl tool: renaming hugehelp files to tool_hugehelp

2012-12-26 23:30:54 +01:00

libcurl.pc.in

build: prevent global LIBS from influencing src and lib build targets

2012-12-03 22:41:18 +01:00

MacOSX-Framework

MacOSX-Framework: sdk regex fix for sdk 10.10 and later

2015-10-25 12:35:49 +01:00

Makefile.am

build: Install zsh completion

2015-11-24 22:22:01 +01:00

Makefile.dist

makefile: Added support for VC14

2015-07-21 18:52:43 +01:00

maketgz

maketgz: Fixed some VC makefiles missing from the release tarball

2015-07-30 06:34:03 +01:00

README

README: use secure protocol for Git repository

2015-06-15 23:45:34 +02:00

RELEASE-NOTES

ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL

2016-01-15 10:34:34 +01:00

README

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

README

  Curl is a command line tool for transferring data specified with URL
  syntax. Find out how to use curl by reading the curl.1 man page or the
  MANUAL document. Find out how to install Curl by reading the INSTALL
  document.

  libcurl is the library curl is using to do its job. It is readily
  available to be used by your software. Read the libcurl.3 man page to
  learn how!

  You find answers to the most frequent questions we get in the FAQ document.

  Study the COPYING file for distribution terms and similar. If you distribute
  curl binaries or other binaries that involve libcurl, you might enjoy the
  LICENSE-MIXING document.

CONTACT

  If you have problems, questions, ideas or suggestions, please contact us
  by posting to a suitable mailing list. See http://curl.haxx.se/mail/

  All contributors to the project are listed in the THANKS document.

WEB SITE

  Visit the curl web site for the latest news and downloads:

        http://curl.haxx.se/

GIT

  To download the very latest source off the GIT server do this:

    git clone https://github.com/bagder/curl.git

  (you'll get a directory named curl created, filled with the source code)

NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.

Languages

C 74.6%

M4 8.4%

Perl 7.1%

DIGITAL Command Language 3.6%

CMake 1.9%

Other 4.3%