mirror of
https://github.com/curl/curl.git
synced 2024-12-03 06:20:31 +08:00
806dbb022b
When NSS-powered libcurl connected to a SSL server with CURLOPT_SSL_VERIFYPEER equal to zero, NSS remembered that the peer certificate was accepted by libcurl and did not ask the second time when connecting to the same server with CURLOPT_SSL_VERIFYPEER equal to one. This patch turns off the SSL session cache for the particular SSL socket if peer verification is disabled. In order to avoid any performance impact, the peer verification is completely skipped in that case, which makes it even faster than before. Bug: https://bugzilla.redhat.com/678580
52 lines
2.0 KiB
Plaintext
52 lines
2.0 KiB
Plaintext
Curl and libcurl 7.21.5
|
|
|
|
Public curl releases: 121
|
|
Command line options: 143
|
|
curl_easy_setopt() options: 185
|
|
Public functions in libcurl: 58
|
|
Known libcurl bindings: 39
|
|
Contributors: 854
|
|
|
|
This release includes the following changes:
|
|
|
|
o SOCKOPTFUNCTION: callback can say already-connected
|
|
o Added --netrc-file
|
|
o Added (new) support for cyassl
|
|
|
|
This release includes the following bugfixes:
|
|
|
|
o nss: avoid memory leak on SSL connection failure
|
|
o nss: do not ignore failure of SSL handshake
|
|
o multi: better failed connect handling when using FTP, SMTP, POP3 and IMAP
|
|
o runtests.pl: fix pid number concatenation that prevented it from killing
|
|
the correct process at times
|
|
o PolarSSL: Return 0 on receiving TLS CLOSE_NOTIFY alert
|
|
o curl_easy_setopt.3: Removed wrong reference to CURLOPT_USERPASSWORD
|
|
o multi: close connection on timeout
|
|
o IMAP in multi mode does SSL connections non-blocking
|
|
o honours the --disable-ldaps configure option
|
|
o Force setopt constants written by --libcurl to be long
|
|
o ssh_connect: treat libssh2 return code better
|
|
o SFTP upload could stall the state machine when the multi_socket API was
|
|
used
|
|
o SFTP and SCP could leak memory when used with the multi interface and
|
|
the connection was closed
|
|
o Added missing file to repair the MSVC makefiles
|
|
o Fixed detection of recvfrom arguments on Android/bionic
|
|
o GSS: handle reuse fix
|
|
o transfer: avoid insane conversion of time_t
|
|
o nss: do not ignore value of CURLOPT_SSL_VERIFYPEER in certain cases
|
|
|
|
This release includes the following known bugs:
|
|
|
|
o see docs/KNOWN_BUGS (http://curl.haxx.se/docs/knownbugs.html)
|
|
|
|
This release would not have looked like this without help, code, reports and
|
|
advice from friends like these:
|
|
|
|
Mike Crowe, Kamil Dudka, Julien Chaffraix, Hoi-Ho Chan, Ben Noordhuis,
|
|
Dan Fandrich, Henry Ludemann, Karl M, Manuel Massing, Marcus Sundberg,
|
|
Stefan Krause, Todd A Ouska, Saqib Ali
|
|
|
|
Thanks! (and sorry if I forgot to mention someone)
|