generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
20,185 Commits 5 Branches 157 Tags
d58ba66eeceb5a290ecd50f596606a7f77d68b4b
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jay Satiro d58ba66eec mbedtls: Fix pinned key return value on fail 
- Switch from verifying a pinned public key in a callback during the
certificate verification to inline after the certificate verification.

The callback method had three problems:

1. If a pinned public key didn't match, CURLE_SSL_PINNEDPUBKEYNOTMATCH
was not returned.

2. If peer certificate verification was disabled the pinned key
verification did not take place as it should.

3. (related to #2) If there was no certificate of depth 0 the callback
would not have checked the pinned public key.

Though all those problems could have been fixed it would have made the
code more complex. Instead we now verify inline after the certificate
verification in mbedtls_connect_step2.

Ref: http://curl.haxx.se/mail/lib-2016-01/0047.html
Ref: https://github.com/bagder/curl/pull/601
2016-01-18 03:48:10 -05:00
CMake
CMake: Put "winsock2.h" before "windows.h" during configure checks
2015-09-23 15:18:38 +02:00
docs
CURLINFO_RESPONSE_CODE.3: add example
2016-01-16 23:05:07 -05:00
include
curlver: the pending release will become 7.47.0
2015-12-15 00:02:20 +01:00
lib
mbedtls: Fix pinned key return value on fail
2016-01-18 03:48:10 -05:00
m4
configure: detect IPv6 support on Windows
2015-12-20 23:48:25 +01:00
packages
os400: define CURL_VERSION_PSL in ILE/RPG binding
2015-12-07 10:09:33 +01:00
projects
projects/Windows/.gitignore: ignore generated files for release
2015-09-03 23:34:53 +02:00
scripts
scripts: don't generate and install zsh completion when cross-compiling
2016-01-11 23:32:30 +01:00
src
Makefile.inc: s/curl_SOURCES/CURL_FILES
2015-12-23 12:07:50 +01:00
tests
tests: Add a test for pinnedpubkey fail even when insecure
2016-01-18 03:10:10 -05:00
winbuild
winbuild: run buildconf.bat if necessary
2015-09-09 02:37:57 -04:00
.dir-locals.el
Add .dir-locals and set c-basic-offset to 2.
2015-12-23 10:16:14 +01:00
.gitattributes
Tell git to not convert configure-related files.
2012-07-17 20:35:23 +02:00
.gitignore
build: Install zsh completion
2015-11-24 22:22:01 +01:00
.travis.yml
travis.yml: Add OS X testbot.
2015-08-21 12:48:52 +02:00
acinclude.m4
acinclude: Remove check for 16-bit curl_off_t
2015-11-09 02:56:40 -05:00
appveyor.yml
CI: Added AppVeyor-CI for curl
2015-09-26 23:57:36 +02:00
buildconf
configure: remove missing and make it autogenerate
2015-04-30 18:40:35 +02:00
buildconf.bat
buildconf.bat: fix syntax error
2015-09-09 02:46:48 -04:00
CHANGES
CHANGES: refer to the online changelog
2015-08-06 15:28:27 +02:00
CHANGES.0
code/docs: Use correct case for IPv4 and IPv6
2014-12-27 11:31:55 +00:00
CMakeLists.txt
cmake: Fix for add_subdirectory(curl) use-case
2015-10-19 12:49:56 -04:00
configure.ac
configure: assume IPv6 works when cross-compiled
2016-01-12 10:30:54 +01:00
CONTRIBUTING.md
CONTRIBUTING.md: remove the sourceforge mention
2015-04-30 18:35:43 +02:00
COPYING
COPYING: update general copyright year range
2016-01-07 00:11:16 +01:00
CTestConfig.cmake
ENH: move dashboard location
2009-07-15 19:40:46 +00:00
curl-config.in
curl-config.in: eliminate double quotes around CURL_CA_BUNDLE
2015-02-25 10:23:07 +01:00
GIT-INFO
curl tool: renaming hugehelp files to tool_hugehelp
2012-12-26 23:30:54 +01:00
libcurl.pc.in
build: prevent global LIBS from influencing src and lib build targets
2012-12-03 22:41:18 +01:00
MacOSX-Framework
MacOSX-Framework: sdk regex fix for sdk 10.10 and later
2015-10-25 12:35:49 +01:00
Makefile.am
build: Install zsh completion
2015-11-24 22:22:01 +01:00
Makefile.dist
makefile: Added support for VC14
2015-07-21 18:52:43 +01:00
maketgz
maketgz: Fixed some VC makefiles missing from the release tarball
2015-07-30 06:34:03 +01:00
README
README: use secure protocol for Git repository
2015-06-15 23:45:34 +02:00
RELEASE-NOTES
ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL
2016-01-15 10:34:34 +01:00

README 

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

README

  Curl is a command line tool for transferring data specified with URL
  syntax. Find out how to use curl by reading the curl.1 man page or the
  MANUAL document. Find out how to install Curl by reading the INSTALL
  document.

  libcurl is the library curl is using to do its job. It is readily
  available to be used by your software. Read the libcurl.3 man page to
  learn how!

  You find answers to the most frequent questions we get in the FAQ document.

  Study the COPYING file for distribution terms and similar. If you distribute
  curl binaries or other binaries that involve libcurl, you might enjoy the
  LICENSE-MIXING document.

CONTACT

  If you have problems, questions, ideas or suggestions, please contact us
  by posting to a suitable mailing list. See http://curl.haxx.se/mail/

  All contributors to the project are listed in the THANKS document.

WEB SITE

  Visit the curl web site for the latest news and downloads:

        http://curl.haxx.se/

GIT

  To download the very latest source off the GIT server do this:

    git clone https://github.com/bagder/curl.git

  (you'll get a directory named curl created, filled with the source code)

NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.
Description
No description provided
Readme 40 MiB
Languages
C 74.6%
M4 8.4%
Perl 7.1%
DIGITAL Command Language 3.6%
CMake 1.9%
Other 4.3%