mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-02-11 14:50:40 +08:00
Code Issues Packages Projects Releases Wiki Activity
15,535 Commits 24 Branches 223 Tags 218 MiB
C 74.9%
Perl 8.1%
M4 4.9%
Python 4.2%
CMake 2.6%
Other 5.3%
1394cad30f
Go to file
Oscar Koeroo 1394cad30f SSL: Several SSL-backend related fixes 
axTLS:

This will make the axTLS backend perform the RFC2818 checks, honoring
the VERIFYHOST setting similar to the OpenSSL backend.

Generic for OpenSSL and axTLS:

Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
files to make them genericly available for both the OpenSSL, axTLS and
other SSL backends. They are now in the new lib/hostcheck.c file.

CyaSSL:

CyaSSL now also has the RFC2818 checks enabled by default. There is a
limitation that the verifyhost can not be enabled exclusively on the
Subject CN field comparison. This SSL backend will thus behave like the
NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
too.

Schannel:

Updated the schannel information messages: Split the IP address usage
message from the verifyhost setting and changed the message about
disabling SNI (Server Name Indication, used in HTTP virtual hosting)
into a message stating that the Subject Alternative Names checks are
being disabled when verifyhost is set to 0 or 1. As a side effect of
switching off the RFC2818 related servername checks with
SCH_CRED_NO_SERVERNAME_CHECK
(http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature
is being disabled. This effect is not documented in MSDN, but Wireshark
output clearly shows the effect (details on the libcurl maillist).

PolarSSL:

Fix the prototype change in PolarSSL of ssl_set_session() and the move
of the peer_cert from the ssl_context to the ssl_session. Found this
change in the PolarSSL SVN between r1316 and r1317 where the
POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
PolarSSL version 1.1.4 the check is to discriminate between lower then
PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
trunk jumped from version 1.1.1 to 1.2.0.

Generic:

All the SSL backends are fixed and checked to work with the
ssl.verifyhost as a boolean, which is an internal API change.
2012-11-08 22:23:12 +01:00
CMake cmake: use standard findxxx modules for cmake v2.8+ 2012-09-17 23:22:09 +02:00
docs CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value 2012-11-06 19:46:53 +01:00
include version-bump: towards 7.28.1! 2012-10-10 22:35:08 +02:00
lib SSL: Several SSL-backend related fixes 2012-11-08 22:23:12 +01:00
m4 configure: remove the --enable/disable-nonblocking options 2012-08-16 19:24:33 +02:00
packages Updated Symbian build files 2012-09-03 22:54:58 +02:00
perl removed trailing whitespace 2011-12-30 03:36:18 +01:00
src Added deps for static metalink-aware MinGW builds. 2012-11-08 18:41:59 +01:00
tests Fix compilation of lib1501 2012-11-08 18:33:47 +01:00
winbuild winbuild: Use machine type of development environment 2012-11-01 22:23:05 +01:00
.gitattributes Tell git to not convert configure-related files. 2012-07-17 20:35:23 +02:00
.gitignore Moved some patterns to subfolder's .gitignore. 2012-07-03 14:31:50 +02:00
acinclude.m4 configure: NATIVE_WINDOWS no longer defined in config files 2012-04-12 13:08:48 +02:00
Android.mk Updated build docs w.r.t. Android and binary sizes 2012-09-03 22:41:03 +02:00
buildconf curl tool: use configuration files from lib directory 2012-04-06 23:37:05 +02:00
buildconf.bat curl tool: use configuration files from lib directory - follow-up II 2012-04-09 21:39:03 +02:00
CHANGES CHANGES: move all contents from CHANGES to CHANGES.0 2010-06-21 22:27:39 +02:00
CHANGES.0 removed trailing whitespace 2011-12-30 03:36:18 +01:00
CMakeLists.txt configure: NATIVE_WINDOWS no longer defined in config files 2012-04-12 13:08:48 +02:00
configure.ac configure: update the copyright years for the output 2012-08-19 00:18:34 +02:00
COPYING Updated copyright year. 2012-04-13 20:35:02 +02:00
CTestConfig.cmake
curl-config.in curl-config: parentheses fix 2012-08-07 14:13:09 +02:00
curl-style.el remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
GIT-INFO s/CVS/git 2010-03-22 00:41:34 +01:00
install-sh
libcurl.pc.in Fix libcurl.pc and curl-config generation for static MingW* cross builds 2012-05-26 00:01:00 +02:00
log2changes.pl log2changes.pl: fix the Version output 2012-06-07 23:50:00 +02:00
MacOSX-Framework MacOSX-Framework: updates for Snowleopard 2010-09-21 00:07:45 +02:00
Makefile.am make: make distclean work again 2012-07-20 21:56:27 +02:00
Makefile.dist Changed some main makefile targets. 2011-09-25 17:43:50 +02:00
Makefile.msvc.names build: refactoring of msvc makefiles to allow overriding of library filenames. 2010-12-20 21:53:44 +01:00
maketgz curl tool: use configuration files from lib directory 2012-04-06 23:37:05 +02:00
missing
mkinstalldirs remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
README
RELEASE-NOTES RELEASE-NOTES: synced with 487538e87a 2012-11-07 23:21:55 +01:00
sample.emacs remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
TODO-RELEASE TODO-RELEASE: cleanup for 7.28.0 2012-10-09 00:34:16 +02:00
vc6curl.dsw

README 

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

README

  Curl is a command line tool for transferring data specified with URL
  syntax. Find out how to use curl by reading the curl.1 man page or the
  MANUAL document. Find out how to install Curl by reading the INSTALL
  document.

  libcurl is the library curl is using to do its job. It is readily
  available to be used by your software. Read the libcurl.3 man page to
  learn how!

  You find answers to the most frequent questions we get in the FAQ document.

  Study the COPYING file for distribution terms and similar. If you distribute
  curl binaries or other binaries that involve libcurl, you might enjoy the
  LICENSE-MIXING document.

CONTACT

  If you have problems, questions, ideas or suggestions, please contact us
  by posting to a suitable mailing list. See http://curl.haxx.se/mail/

  All contributors to the project are listed in the THANKS document.

WEB SITE

  Visit the curl web site for the latest news and downloads:

        http://curl.haxx.se/

GIT

  To download the very latest source off the GIT server do this:

    git clone git://github.com/bagder/curl.git

  (you'll get a directory named curl created, filled with the source code)

NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.