Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Comment: | Hotfix for secure app update |
---|---|
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
7db359029c846eabbb86fe6dd4f4a41f |
User & Date: | kevin 2017-04-07 22:31:42 |
2017-04-08
| ||
01:53 | Hotfix for tls issues on macOS check-in: 5124af622e user: kevin tags: trunk | |
2017-04-07
| ||
22:31 | Hotfix for secure app update check-in: 7db359029c user: kevin tags: trunk | |
2017-04-03
| ||
10:09 | Update ssl bits check-in: 6ae661a85d user: kevin tags: trunk | |
Deleted maclibs/tcltls1.7.11/pkgIndex.tcl.
|
| < < < < < < < < < < < < < < < < |
Deleted maclibs/tcltls1.7.11/tcltls.dylib.
cannot compute difference between binary files
Added scriptlibs/softwareupdate/curl/BUILD-HOMEPAGE.url.
> > | 1 2 | [InternetShortcut] URL=https://github.com/vszakats/harbour-deps |
Added scriptlibs/softwareupdate/curl/BUILD-README.txt.
> > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 | Visit the project page for details about these builds and the list of changes: https://github.com/vszakats/harbour-deps Please donate to support maintaining these builds: PayPal: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2DZM6WAGRJWT6 Thank you! |
Added scriptlibs/softwareupdate/curl/CHANGES.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 2213 2214 2215 2216 2217 2218 2219 2220 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 2312 2313 2314 2315 2316 2317 2318 2319 2320 2321 2322 2323 2324 2325 2326 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 2439 2440 2441 2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460 2461 2462 2463 2464 2465 2466 2467 2468 2469 2470 2471 2472 2473 2474 2475 2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2497 2498 2499 2500 2501 2502 2503 2504 2505 2506 2507 2508 2509 2510 2511 2512 2513 2514 2515 2516 2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 2534 2535 2536 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547 2548 2549 2550 2551 2552 2553 2554 2555 2556 2557 2558 2559 2560 2561 2562 2563 2564 2565 2566 2567 2568 2569 2570 2571 2572 2573 2574 2575 2576 2577 2578 2579 2580 2581 2582 2583 2584 2585 2586 2587 2588 2589 2590 2591 2592 2593 2594 2595 2596 2597 2598 2599 2600 2601 2602 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627 2628 2629 2630 2631 2632 2633 2634 2635 2636 2637 2638 2639 2640 2641 2642 2643 2644 2645 2646 2647 2648 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 2660 2661 2662 2663 2664 2665 2666 2667 2668 2669 2670 2671 2672 2673 2674 2675 2676 2677 2678 2679 2680 2681 2682 2683 2684 2685 2686 2687 2688 2689 2690 2691 2692 2693 2694 2695 2696 2697 2698 2699 2700 2701 2702 2703 2704 2705 2706 2707 2708 2709 2710 2711 2712 2713 2714 2715 2716 2717 2718 2719 2720 2721 2722 2723 2724 2725 2726 2727 2728 2729 2730 2731 2732 2733 2734 2735 2736 2737 2738 2739 2740 2741 2742 2743 2744 2745 2746 2747 2748 2749 2750 2751 2752 2753 2754 2755 2756 2757 2758 2759 2760 2761 2762 2763 2764 2765 2766 2767 2768 2769 2770 2771 2772 2773 2774 2775 2776 2777 2778 2779 2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 2790 2791 2792 2793 2794 2795 2796 2797 2798 2799 2800 2801 2802 2803 2804 2805 2806 2807 2808 2809 2810 2811 2812 2813 2814 2815 2816 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863 2864 2865 2866 2867 2868 2869 2870 2871 2872 2873 2874 2875 2876 2877 2878 2879 2880 2881 2882 2883 2884 2885 2886 2887 2888 2889 2890 2891 2892 2893 2894 2895 2896 2897 2898 2899 2900 2901 2902 2903 2904 2905 2906 2907 2908 2909 2910 2911 2912 2913 2914 2915 2916 2917 2918 2919 2920 2921 2922 2923 2924 2925 2926 2927 2928 2929 2930 2931 2932 2933 2934 2935 2936 2937 2938 2939 2940 2941 2942 2943 2944 2945 2946 2947 2948 2949 2950 2951 2952 2953 2954 2955 2956 2957 2958 2959 2960 2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 2971 2972 2973 2974 2975 2976 2977 2978 2979 2980 2981 2982 2983 2984 2985 2986 2987 2988 2989 2990 2991 2992 2993 2994 2995 2996 2997 2998 2999 3000 3001 3002 3003 3004 3005 3006 3007 3008 3009 3010 3011 3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024 3025 3026 3027 3028 3029 3030 3031 3032 3033 3034 3035 3036 3037 3038 3039 3040 3041 3042 3043 3044 3045 3046 3047 3048 3049 3050 3051 3052 3053 3054 3055 3056 3057 3058 3059 3060 3061 3062 3063 3064 3065 3066 3067 3068 3069 3070 3071 3072 3073 3074 3075 3076 3077 3078 3079 3080 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 3119 3120 3121 3122 3123 3124 3125 3126 3127 3128 3129 3130 3131 3132 3133 3134 3135 3136 3137 3138 3139 3140 3141 3142 3143 3144 3145 3146 3147 3148 3149 3150 3151 3152 3153 3154 3155 3156 3157 3158 3159 3160 3161 3162 3163 3164 3165 3166 3167 3168 3169 3170 3171 3172 3173 3174 3175 3176 3177 3178 3179 3180 3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 3195 3196 3197 3198 3199 3200 3201 3202 3203 3204 3205 3206 3207 3208 3209 3210 3211 3212 3213 3214 3215 3216 3217 3218 3219 3220 3221 3222 3223 3224 3225 3226 3227 3228 3229 3230 3231 3232 3233 3234 3235 3236 3237 3238 3239 3240 3241 3242 3243 3244 3245 3246 3247 3248 3249 3250 3251 3252 3253 3254 3255 3256 3257 3258 3259 3260 3261 3262 3263 3264 3265 3266 3267 3268 3269 3270 3271 3272 3273 3274 3275 3276 3277 3278 3279 3280 3281 3282 3283 3284 3285 3286 3287 3288 3289 3290 3291 3292 3293 3294 3295 3296 3297 3298 3299 3300 3301 3302 3303 3304 3305 3306 3307 3308 3309 3310 3311 3312 3313 3314 3315 3316 3317 3318 3319 3320 3321 3322 3323 3324 3325 3326 3327 3328 3329 3330 3331 3332 3333 3334 3335 3336 3337 3338 3339 3340 3341 3342 3343 3344 3345 3346 3347 3348 3349 3350 3351 3352 3353 3354 3355 3356 3357 3358 3359 3360 3361 3362 3363 3364 3365 3366 3367 3368 3369 3370 3371 3372 3373 3374 3375 3376 3377 3378 3379 3380 3381 3382 3383 3384 3385 3386 3387 3388 3389 3390 3391 3392 3393 3394 3395 3396 3397 3398 3399 3400 3401 3402 3403 3404 3405 3406 3407 3408 3409 3410 3411 3412 3413 3414 3415 3416 3417 3418 3419 3420 3421 3422 3423 3424 3425 3426 3427 3428 3429 3430 3431 3432 3433 3434 3435 3436 3437 3438 3439 3440 3441 3442 3443 3444 3445 3446 3447 3448 3449 3450 3451 3452 3453 3454 3455 3456 3457 3458 3459 3460 3461 3462 3463 3464 3465 3466 3467 3468 3469 3470 3471 3472 3473 3474 3475 3476 3477 3478 3479 3480 3481 3482 3483 3484 3485 3486 3487 3488 3489 3490 3491 3492 3493 3494 3495 3496 3497 3498 3499 3500 3501 3502 3503 3504 3505 3506 3507 3508 3509 3510 3511 3512 3513 3514 3515 3516 3517 3518 3519 3520 3521 3522 3523 3524 3525 3526 3527 3528 3529 3530 3531 3532 3533 3534 3535 3536 3537 3538 3539 3540 3541 3542 3543 3544 3545 3546 3547 3548 3549 3550 3551 3552 3553 3554 3555 3556 3557 3558 3559 3560 3561 3562 3563 3564 3565 3566 3567 3568 3569 3570 3571 3572 3573 3574 3575 3576 3577 3578 3579 3580 3581 3582 3583 3584 3585 3586 3587 3588 3589 3590 3591 3592 3593 3594 3595 3596 3597 3598 3599 3600 3601 3602 3603 3604 3605 3606 3607 3608 3609 3610 3611 3612 3613 3614 3615 3616 3617 3618 3619 3620 3621 3622 3623 3624 3625 3626 3627 3628 3629 3630 3631 3632 3633 3634 3635 3636 3637 3638 3639 3640 3641 3642 3643 3644 3645 3646 3647 3648 3649 3650 3651 3652 3653 3654 3655 3656 3657 3658 3659 3660 3661 3662 3663 3664 3665 3666 3667 3668 3669 3670 3671 3672 3673 3674 3675 3676 3677 3678 3679 3680 3681 3682 3683 3684 3685 3686 3687 3688 3689 3690 3691 3692 3693 3694 3695 3696 3697 3698 3699 3700 3701 3702 3703 3704 3705 3706 3707 3708 3709 3710 3711 3712 3713 3714 3715 3716 3717 3718 3719 3720 3721 3722 3723 3724 3725 3726 3727 3728 3729 3730 3731 3732 3733 3734 3735 3736 3737 3738 3739 3740 3741 3742 3743 3744 3745 3746 3747 3748 3749 3750 3751 3752 3753 3754 3755 3756 3757 3758 3759 3760 3761 3762 3763 3764 3765 3766 3767 3768 3769 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 3802 3803 3804 3805 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 3837 3838 3839 3840 3841 3842 3843 3844 3845 3846 3847 3848 3849 3850 3851 3852 3853 3854 3855 3856 3857 3858 3859 3860 3861 3862 3863 3864 3865 3866 3867 3868 3869 3870 3871 3872 3873 3874 3875 3876 3877 3878 3879 3880 3881 3882 3883 3884 3885 3886 3887 3888 3889 3890 3891 3892 3893 3894 3895 3896 3897 3898 3899 3900 3901 3902 3903 3904 3905 3906 3907 3908 3909 3910 3911 3912 3913 3914 3915 3916 3917 3918 3919 3920 3921 3922 3923 3924 3925 3926 3927 3928 3929 3930 3931 3932 3933 3934 3935 3936 3937 3938 3939 3940 3941 3942 3943 3944 3945 3946 3947 3948 3949 3950 3951 3952 3953 3954 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965 3966 3967 3968 3969 3970 3971 3972 3973 3974 3975 3976 3977 3978 3979 3980 3981 3982 3983 3984 3985 3986 3987 3988 3989 3990 3991 3992 3993 3994 3995 3996 3997 3998 3999 4000 4001 4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 4012 4013 4014 4015 4016 4017 4018 4019 4020 4021 4022 4023 4024 4025 4026 4027 4028 4029 4030 4031 4032 4033 4034 4035 4036 4037 4038 4039 4040 4041 4042 4043 4044 4045 4046 4047 4048 4049 4050 4051 4052 4053 4054 4055 4056 4057 4058 4059 4060 4061 4062 4063 4064 4065 4066 4067 4068 4069 4070 4071 4072 4073 4074 4075 4076 4077 4078 4079 4080 4081 4082 4083 4084 4085 4086 4087 4088 4089 4090 4091 4092 4093 4094 4095 4096 4097 4098 4099 4100 4101 4102 4103 4104 4105 4106 4107 4108 4109 4110 4111 4112 4113 4114 4115 4116 4117 4118 4119 4120 4121 4122 4123 4124 4125 4126 4127 4128 4129 4130 4131 4132 4133 4134 4135 4136 4137 4138 4139 4140 4141 4142 4143 4144 4145 4146 4147 4148 4149 4150 4151 4152 4153 4154 4155 4156 4157 4158 4159 4160 4161 4162 4163 4164 4165 4166 4167 4168 4169 4170 4171 4172 4173 4174 4175 4176 4177 4178 4179 4180 4181 4182 4183 4184 4185 4186 4187 4188 4189 4190 4191 4192 4193 4194 4195 4196 4197 4198 4199 4200 4201 4202 4203 4204 4205 4206 4207 4208 4209 4210 4211 4212 4213 4214 4215 4216 4217 4218 4219 4220 4221 4222 4223 4224 4225 4226 4227 4228 4229 4230 4231 4232 4233 4234 4235 4236 4237 4238 4239 4240 4241 4242 4243 4244 4245 4246 4247 4248 4249 4250 4251 4252 4253 4254 4255 4256 4257 4258 4259 4260 4261 4262 4263 4264 4265 4266 4267 4268 4269 4270 4271 4272 4273 4274 4275 4276 4277 4278 4279 4280 4281 4282 4283 4284 4285 4286 4287 4288 4289 4290 4291 4292 4293 4294 4295 4296 4297 4298 4299 4300 4301 4302 4303 4304 4305 4306 4307 4308 4309 4310 4311 4312 4313 4314 4315 4316 4317 4318 4319 4320 4321 4322 4323 4324 4325 4326 4327 4328 4329 4330 4331 4332 4333 4334 4335 4336 4337 4338 4339 4340 4341 4342 4343 4344 4345 4346 4347 4348 4349 4350 4351 4352 4353 4354 4355 4356 4357 4358 4359 4360 4361 4362 4363 4364 4365 4366 4367 4368 4369 4370 4371 4372 4373 4374 4375 4376 4377 4378 4379 4380 4381 4382 4383 4384 4385 4386 4387 4388 4389 4390 4391 4392 4393 4394 4395 4396 4397 4398 4399 4400 4401 4402 4403 4404 4405 4406 4407 4408 4409 4410 4411 4412 4413 4414 4415 4416 4417 4418 4419 4420 4421 4422 4423 4424 4425 4426 4427 4428 4429 4430 4431 4432 4433 4434 4435 4436 4437 4438 4439 4440 4441 4442 4443 4444 4445 4446 4447 4448 4449 4450 4451 4452 4453 4454 4455 4456 4457 4458 4459 4460 4461 4462 4463 4464 4465 4466 4467 4468 4469 4470 4471 4472 4473 4474 4475 4476 4477 4478 4479 4480 4481 4482 4483 4484 4485 4486 4487 4488 4489 4490 4491 4492 4493 4494 4495 4496 4497 4498 4499 4500 4501 4502 4503 4504 4505 4506 4507 4508 4509 4510 4511 4512 4513 4514 4515 4516 4517 4518 4519 4520 4521 4522 4523 4524 4525 4526 4527 4528 4529 4530 4531 4532 4533 4534 4535 4536 4537 4538 4539 4540 4541 4542 4543 4544 4545 4546 4547 4548 4549 4550 4551 4552 4553 4554 4555 4556 4557 4558 4559 4560 4561 4562 4563 4564 4565 4566 4567 4568 4569 4570 4571 4572 4573 4574 4575 4576 4577 4578 4579 4580 4581 4582 4583 4584 4585 4586 4587 4588 4589 4590 4591 4592 4593 4594 4595 4596 4597 4598 4599 4600 4601 4602 4603 4604 4605 4606 4607 4608 4609 4610 4611 4612 4613 4614 4615 4616 4617 4618 4619 4620 4621 4622 4623 4624 4625 4626 4627 4628 4629 4630 4631 4632 4633 4634 4635 4636 4637 4638 4639 4640 4641 4642 4643 4644 4645 4646 4647 4648 4649 4650 4651 4652 4653 4654 4655 4656 4657 4658 4659 4660 4661 4662 4663 4664 4665 4666 4667 4668 4669 4670 4671 4672 4673 4674 4675 4676 4677 4678 4679 4680 4681 4682 4683 4684 4685 4686 4687 4688 4689 4690 4691 4692 4693 4694 4695 4696 4697 4698 4699 4700 4701 4702 4703 4704 4705 4706 4707 4708 4709 4710 4711 4712 4713 4714 4715 4716 4717 4718 4719 4720 4721 4722 4723 4724 4725 4726 4727 4728 4729 4730 4731 4732 4733 4734 4735 4736 4737 4738 4739 4740 4741 4742 4743 4744 4745 4746 4747 4748 4749 4750 4751 4752 4753 4754 4755 4756 4757 4758 4759 4760 4761 4762 4763 4764 4765 4766 4767 4768 4769 4770 4771 4772 4773 4774 4775 4776 4777 4778 4779 4780 4781 4782 4783 4784 4785 4786 4787 4788 4789 4790 4791 4792 4793 4794 4795 4796 4797 4798 4799 4800 4801 4802 4803 4804 4805 4806 4807 4808 4809 4810 4811 4812 4813 4814 4815 4816 4817 4818 4819 4820 4821 4822 4823 4824 4825 4826 4827 4828 4829 4830 4831 4832 4833 4834 4835 4836 4837 4838 4839 4840 4841 4842 4843 4844 4845 4846 4847 4848 4849 4850 4851 4852 4853 4854 4855 4856 4857 4858 4859 4860 4861 4862 4863 4864 4865 4866 4867 4868 4869 4870 4871 4872 4873 4874 4875 4876 4877 4878 4879 4880 4881 4882 4883 4884 4885 4886 4887 4888 4889 4890 4891 4892 4893 4894 4895 4896 4897 4898 4899 4900 4901 4902 4903 4904 4905 4906 4907 4908 4909 4910 4911 4912 4913 4914 4915 4916 4917 4918 4919 4920 4921 4922 4923 4924 4925 4926 4927 4928 4929 4930 4931 4932 4933 4934 4935 4936 4937 4938 4939 4940 4941 4942 4943 4944 4945 4946 4947 4948 4949 4950 4951 4952 4953 4954 4955 4956 4957 4958 4959 4960 4961 4962 4963 4964 4965 4966 4967 4968 4969 4970 4971 4972 4973 4974 4975 4976 4977 4978 4979 4980 4981 4982 4983 4984 4985 4986 4987 4988 4989 4990 4991 4992 4993 4994 4995 4996 4997 4998 4999 5000 5001 5002 5003 5004 5005 5006 5007 5008 5009 5010 5011 5012 5013 5014 5015 5016 5017 5018 5019 5020 5021 5022 5023 5024 5025 5026 5027 5028 5029 5030 5031 5032 5033 5034 5035 5036 5037 5038 5039 5040 5041 5042 5043 5044 5045 5046 5047 5048 5049 5050 5051 5052 5053 5054 5055 5056 5057 5058 5059 5060 5061 5062 5063 5064 5065 5066 5067 5068 5069 5070 5071 5072 5073 5074 5075 5076 5077 5078 5079 5080 5081 5082 5083 5084 5085 5086 5087 5088 5089 5090 5091 5092 5093 5094 5095 5096 5097 5098 5099 5100 5101 5102 5103 5104 5105 5106 5107 5108 5109 5110 5111 5112 5113 5114 5115 5116 5117 5118 5119 5120 5121 5122 5123 5124 5125 5126 5127 5128 5129 5130 5131 5132 5133 5134 5135 5136 5137 5138 5139 5140 5141 5142 5143 5144 5145 5146 5147 5148 5149 5150 5151 5152 5153 5154 5155 5156 5157 5158 5159 5160 5161 5162 5163 5164 5165 5166 5167 5168 5169 5170 5171 5172 5173 5174 5175 5176 5177 5178 5179 5180 5181 5182 5183 5184 5185 5186 5187 5188 5189 5190 5191 5192 5193 5194 5195 5196 5197 5198 5199 5200 5201 5202 5203 5204 5205 5206 5207 5208 5209 5210 5211 5212 5213 5214 5215 5216 5217 5218 5219 5220 5221 5222 5223 5224 5225 5226 5227 5228 5229 5230 5231 5232 5233 5234 5235 5236 5237 5238 5239 5240 5241 5242 5243 5244 5245 5246 5247 5248 5249 5250 5251 5252 5253 5254 5255 5256 5257 5258 5259 5260 5261 5262 5263 5264 5265 5266 5267 5268 5269 5270 5271 5272 5273 5274 5275 5276 5277 5278 5279 5280 5281 5282 5283 5284 5285 5286 5287 5288 5289 5290 5291 5292 5293 5294 5295 5296 5297 5298 5299 5300 5301 5302 5303 5304 5305 5306 5307 5308 5309 5310 5311 5312 5313 5314 5315 5316 5317 5318 5319 5320 5321 5322 5323 5324 5325 5326 5327 5328 5329 5330 5331 5332 5333 5334 5335 5336 5337 5338 5339 5340 5341 5342 5343 5344 5345 5346 5347 5348 5349 5350 5351 5352 5353 5354 5355 5356 5357 5358 5359 5360 5361 5362 5363 5364 5365 5366 5367 5368 5369 5370 5371 5372 5373 5374 5375 5376 5377 5378 5379 5380 5381 5382 5383 5384 5385 5386 5387 5388 5389 5390 5391 5392 5393 5394 5395 5396 5397 5398 5399 5400 5401 5402 5403 5404 5405 5406 5407 5408 5409 5410 5411 5412 5413 5414 5415 5416 5417 5418 5419 5420 5421 5422 5423 5424 5425 5426 5427 5428 5429 5430 5431 5432 5433 5434 5435 5436 5437 5438 5439 5440 5441 5442 5443 5444 5445 5446 5447 5448 5449 5450 5451 5452 5453 5454 5455 5456 5457 5458 5459 5460 5461 5462 5463 5464 5465 5466 5467 5468 5469 5470 5471 5472 5473 5474 5475 5476 5477 5478 5479 5480 5481 5482 5483 5484 5485 5486 5487 5488 5489 5490 5491 5492 5493 5494 5495 5496 5497 5498 5499 5500 5501 5502 5503 5504 5505 5506 5507 5508 5509 5510 5511 5512 5513 5514 5515 5516 5517 5518 5519 5520 5521 5522 5523 5524 5525 5526 5527 5528 5529 5530 5531 5532 5533 5534 5535 5536 5537 5538 5539 5540 5541 5542 5543 5544 5545 5546 5547 5548 5549 5550 5551 5552 5553 5554 5555 5556 5557 5558 5559 5560 5561 5562 5563 5564 5565 5566 5567 5568 5569 5570 5571 5572 5573 5574 5575 5576 5577 5578 5579 5580 5581 5582 5583 5584 5585 5586 5587 5588 5589 5590 5591 5592 5593 5594 5595 5596 5597 5598 5599 5600 5601 5602 5603 5604 5605 5606 5607 5608 5609 5610 5611 5612 5613 5614 5615 5616 5617 5618 5619 5620 5621 5622 5623 5624 5625 5626 5627 5628 5629 5630 5631 5632 5633 5634 5635 5636 5637 5638 5639 5640 5641 5642 5643 5644 5645 5646 5647 5648 5649 5650 5651 5652 5653 5654 5655 5656 5657 5658 5659 5660 5661 5662 5663 5664 5665 5666 5667 5668 5669 5670 5671 5672 5673 5674 5675 5676 5677 5678 5679 5680 5681 5682 5683 5684 5685 5686 5687 5688 5689 5690 5691 5692 5693 5694 5695 5696 5697 5698 5699 5700 5701 5702 5703 5704 5705 5706 5707 5708 5709 5710 5711 5712 5713 5714 5715 5716 5717 5718 5719 5720 5721 5722 5723 5724 5725 5726 5727 5728 5729 5730 5731 5732 5733 5734 5735 5736 5737 5738 5739 5740 5741 5742 5743 5744 5745 5746 5747 5748 5749 5750 5751 5752 5753 5754 5755 5756 5757 5758 5759 5760 5761 5762 5763 5764 5765 5766 5767 5768 5769 5770 5771 5772 5773 5774 5775 5776 5777 5778 5779 5780 5781 5782 5783 5784 5785 5786 5787 5788 5789 5790 5791 5792 5793 5794 5795 5796 5797 5798 5799 5800 5801 5802 5803 5804 5805 5806 5807 5808 5809 5810 5811 5812 5813 5814 5815 5816 5817 5818 5819 5820 5821 5822 5823 5824 5825 5826 5827 5828 5829 5830 5831 5832 5833 5834 5835 5836 5837 5838 5839 5840 5841 5842 5843 5844 5845 5846 5847 5848 5849 5850 5851 5852 5853 5854 5855 5856 5857 5858 5859 5860 5861 5862 5863 5864 5865 5866 5867 5868 5869 5870 5871 5872 5873 5874 5875 5876 5877 5878 5879 5880 5881 5882 5883 5884 5885 5886 5887 5888 5889 5890 5891 5892 5893 5894 5895 5896 5897 5898 5899 5900 5901 5902 5903 5904 5905 5906 5907 5908 5909 5910 5911 5912 5913 5914 5915 5916 5917 5918 5919 5920 5921 5922 5923 5924 5925 5926 5927 5928 5929 5930 5931 5932 5933 5934 5935 5936 5937 5938 5939 5940 5941 5942 5943 5944 5945 5946 5947 5948 5949 5950 5951 5952 5953 5954 5955 5956 5957 5958 5959 5960 5961 5962 5963 5964 5965 5966 5967 5968 5969 5970 5971 5972 5973 5974 5975 5976 5977 5978 5979 5980 5981 5982 5983 5984 5985 5986 5987 5988 5989 5990 5991 5992 5993 5994 5995 5996 5997 5998 5999 6000 6001 6002 6003 6004 6005 6006 6007 6008 6009 6010 6011 6012 6013 6014 6015 6016 6017 6018 6019 6020 6021 6022 6023 6024 6025 6026 6027 6028 6029 6030 6031 6032 6033 6034 6035 6036 6037 6038 6039 6040 6041 6042 6043 6044 6045 6046 6047 6048 6049 6050 6051 6052 6053 6054 6055 6056 6057 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| Changelog Version 7.53.1 (24 Feb 2017) Daniel Stenberg (24 Feb 2017) - release: 7.53.1 - Revert "tests: use consistent environment variables for setting charset" This reverts commit ecd1d020abdae3c3ce3643ddab3106501e62e7c0. That commit caused test failures on my Debian Linux machine for all changed test cases. We need to reconsider how that should get done. Dan Fandrich (23 Feb 2017) - tests: use consistent environment variables for setting charset Character set in POSIX is set by the locale defined (in decreasing order of precedence) by the LC_ALL, LC_CTYPE and LANG environment variables (I believe CHARSET is only historic). LC_ALL is cleared to ensure that LC_CTYPE takes effect, but LC_ALL is not used to set the locale to ensure that other parts of the locale aren't overriden, if set. Since there doesn't seem to be a cross-platform way of specifying a UTF-8 locale, and not all systems may support UTF-8, a <precheck> is used (where relevant) to skip the test if UTF-8 isn't in use. Test 1035 was also converted to UTF-8 for consistency, as the actual character set used there is irrelevant to the test. Jay Satiro (23 Feb 2017) - url: Default the CA proxy bundle location to CURL_CA_BUNDLE If the compile-time CURL_CA_BUNDLE location is defined use it as the default value for the proxy CA bundle location, which is the same as what we already do for the regular CA bundle location. Ref: https://github.com/curl/curl/pull/1257 Daniel Stenberg (23 Feb 2017) - [Sergii Pylypenko brought this change] rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header Closes #1285 - TODO: "OPTIONS *" Closes #1280 - RELEASE-NOTES: synced with 443e5b03a7d441 - THANKS-filter: shachaf - [İsmail Dönmez brought this change] tests: Set CHARSET & LANG to UTF-8 in 1035, 2046 and 2047 Closes #1283 Fixes #1277 - bump: 7.53.1 coming up synced with df665f4df0f7a352 - formdata: check for EOF when reading from stdin Reported-by: shachaf@users.noreply.github.com Fixes #1281 Jay Satiro (22 Feb 2017) - docs: gitignore curl.1 curl.1 is generated by the cmdline-opts script since 4c49b83. Daniel Stenberg (22 Feb 2017) - TODO: HTTP Digest using SHA-256 - TODO: brotli is deployed widely now Jay Satiro (21 Feb 2017) - [Viktor Szakats brought this change] urldata: include curl_sspi.h when Windows SSPI is enabled f77dabe broke builds in Windows using Windows SSPI but not Windows SSL. Bug: https://github.com/curl/curl/issues/1276 Reported-by: jveazey@users.noreply.github.com - url: Improve CURLOPT_PROXY_CAPATH error handling - Change CURLOPT_PROXY_CAPATH to return CURLE_NOT_BUILT_IN if the option is not supported, which is the same as what we already do for CURLOPT_CAPATH. - Change the curl tool to handle CURLOPT_PROXY_CAPATH error CURLE_NOT_BUILT_IN as a warning instead of as an error, which is the same as what we already do for CURLOPT_CAPATH. - Fix CAPATH docs to show that CURLE_NOT_BUILT_IN is returned when the respective CAPATH option is not supported by the SSL library. Ref: https://github.com/curl/curl/pull/1257 - cyassl: fix typo Version 7.53.0 (22 Feb 2017) Daniel Stenberg (22 Feb 2017) - release: 7.53.0 - cookie: fix declaration of 'dup' shadows a global declaration - TLS: make SSL_VERIFYSTATUS work again The CURLOPT_SSL_VERIFYSTATUS option was not properly handled by libcurl and thus even if the status couldn't be verified, the connection would be allowed and the user would not be told about the failed verification. Regression since cb4e2be7c6d42ca CVE-2017-2629 Bug: https://curl.haxx.se/docs/adv_20170222.html Reported-by: Marcus Hoffmann Jay Satiro (21 Feb 2017) - digest_sspi: Handle 'stale=TRUE' directive in HTTP digest - If the server has provided another challenge use it as the replacement input token if stale=TRUE. Otherwise previous credentials have failed so return CURLE_LOGIN_DENIED. Prior to this change the stale directive was ignored and if another challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. Ref: https://tools.ietf.org/html/rfc2617#page-10 Bug: https://github.com/curl/curl/issues/928 Reported-by: tarek112@users.noreply.github.com Daniel Stenberg (20 Feb 2017) - smb: use getpid replacement for windows UWP builds Source: https://github.com/Microsoft/vcpkg/blob/7676b8780db1e1e591c4fc7eba4f96f73c428cb4/ports/curl/0002_fix_uwp.patch - TODO: CURLOPT_RESOLVE for any port number Closes #1264 - RELEASE-NOTES: synced with af30f1152d43dcdb - [Jean Gressmann brought this change] sftp: improved checks for create dir failures Since negative values are errors and not only -1. This makes SFTP upload with --create-dirs work (again). Closes #1269 Jay Satiro (20 Feb 2017) - [Max Khon brought this change] digest_sspi: Fix nonce-count generation in HTTP digest - on the first invocation: keep security context returned by InitializeSecurityContext() - on subsequent invocations: use MakeSignature() instead of InitializeSecurityContext() to generate HTTP digest response Bug: https://github.com/curl/curl/issues/870 Reported-by: Andreas Roth Closes https://github.com/curl/curl/pull/1251 - examples/multi-uv: checksrc compliance Michael Kaufmann (19 Feb 2017) - string formatting: fix 4 printf-style format strings Dan Fandrich (18 Feb 2017) - tests: removed the obsolete name parameter Michael Kaufmann (18 Feb 2017) - speed caps: update the timeouts if the speed is too low/high Follow-up to 4b86113 Fixes https://github.com/curl/curl/issues/793 Fixes https://github.com/curl/curl/issues/942 - docs: fix timeout handling in multi-uv example - proxy: fix hostname resolution and IDN conversion Properly resolve, convert and log the proxy host names. Support the "--connect-to" feature for SOCKS proxies and for passive FTP data transfers. Follow-up to cb4e2be Reported-by: Jay Satiro Fixes https://github.com/curl/curl/issues/1248 Jay Satiro (17 Feb 2017) - [Isaac Boukris brought this change] http: fix missing 'Content-Length: 0' while negotiating auth - While negotiating auth during PUT/POST if a user-specified Content-Length header is set send 'Content-Length: 0'. This is what we do already in HTTPREQ_POST_FORM and what we did in the HTTPREQ_POST case (regression since afd288b). Prior to this change no Content-Length header would be sent in such a case. Bug: https://curl.haxx.se/mail/lib-2017-02/0006.html Reported-by: Dominik Hölzl Closes https://github.com/curl/curl/pull/1242 Daniel Stenberg (16 Feb 2017) - [Simon Warta brought this change] winbuild: add note on auto-detection of MACHINE in Makefile.vc Closes #1265 - RELEASE-PROCEDURE: update the upcoming release calendar - TODO: consider file name from the redirected URL with -O ? It isn't easily solved, but with some thinking someone could probably come up with a working approach? Closes #1241 Jay Satiro (15 Feb 2017) - tool_urlglob: Allow a glob range with the same start and stop For example allow ranges like [1-1] and [a-a] etc. Regression since 5ca96cb. Bug: https://github.com/curl/curl/issues/1238 Reported-by: R. Dennis Steed Daniel Stenberg (15 Feb 2017) - axtls: adapt to API changes Builds with axTLS 2.1.2. This then also breaks compatibility with axTLS < 2.1.0 (the older API) ... and fix the session_id mixup brought in 04b4ee549 Fixes #1220 - RELEASE-NOTES: synced with 690935390c29c - [Nick Draffen brought this change] curl: fix typo in time condition warning message The warning message had a typo. The argument long form is --time-cond not --timecond Closes #1263 - smb: code indent Jay Satiro (14 Feb 2017) - configure: Allow disabling pthreads, fall back on Win32 threads When the threaded resolver option is specified for configure the default thread library is pthreads. This change makes it possible to --disable-pthreads and then configure can fall back on Win32 threads for native Windows builds. Closes https://github.com/curl/curl/pull/1260 Daniel Stenberg (13 Feb 2017) - http2: fix memory-leak when denying push streams Reported-by: zelinchen@users.noreply.github.com Fixes #1229 Jay Satiro (11 Feb 2017) - tool_operate: Show HTTPS-Proxy options on CURLE_SSL_CACERT When CURLE_SSL_CACERT occurs the tool shows a lengthy error message to the user explaining possible solutions such as --cacert and --insecure. This change appends to that message similar options --proxy-cacert and --proxy-insecure when there's a specified HTTPS proxy. Closes https://github.com/curl/curl/issues/1258 Daniel Stenberg (10 Feb 2017) - cmdline-opts/page-footer: ftp.sunet.se is no longer an FTP mirror - URL: only accept ";options" in SMTP/POP3/IMAP URL schemes Fixes #1252 Jay Satiro (9 Feb 2017) - cmdline-opts/socks*: Mention --preproxy in --socks* opts - Document in --socks* opts they're still mutually exclusive of --proxy. Partial revert of 423a93c; I had misinterpreted the SOCKS proxy + HTTP/HTTPS proxy combination. - Document in --socks* opts that --preproxy can be used to specify a SOCKS proxy at the same time --proxy is used with an HTTP/HTTPS proxy. Daniel Stenberg (9 Feb 2017) - CURLOPT_SSL_VERIFYPEER.3: also the https proxy version Kamil Dudka (9 Feb 2017) - nss: make FTPS work with --proxytunnel If the NSS code was in the middle of a non-blocking handshake and it was asked to finish the handshake in blocking mode, it unexpectedly continued in the non-blocking mode, which caused a FTPS connection over CONNECT to fail with "(81) Socket not ready for send/recv". Bug: https://bugzilla.redhat.com/1420327 Daniel Stenberg (9 Feb 2017) - examples/multithread.c: link to our multi-thread docs ... instead of the OpenSSL mutex page. - http_proxy: avoid freeing static memory Follow up to 7fe81ec298e0: make sure 'host' is either NULL or malloced. - [Cameron MacMinn brought this change] http_proxy: Fix tiny memory leak upon edge case connecting to proxy Fixes #1255 Michael Kaufmann (8 Feb 2017) - polarssl, mbedtls: Fix detection of pending data Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-02/0032.html Dan Fandrich (7 Feb 2017) - test1139: Added the --manual keyword since the manual is required Daniel Stenberg (7 Feb 2017) - RELEASE-NOTES: synced with 102454459dd688c - THANKS-filter: polish some recent contributors - http2: reset push header counter fixes crash When removing an easy handler from a multi before it completed its transfer, and it had pushed streams, it would segfault due to the pushed counted not being cleared. Fixed-by: zelinchen@users.noreply.github.com Fixes #1249 - [Markus Westerlind brought this change] transfer: only retry nobody-requests for HTTP Using sftp to delete a file with CURLOPT_NOBODY set with a reused connection would fail as curl expected to get some data. Thus it would retry the command again which fails as the file has already been deleted. Fixes #1243 Jay Satiro (7 Feb 2017) - [Daniel Gustafsson brought this change] telnet: Fix typos Ref: https://github.com/curl/curl/pull/1245 - [Daniel Gustafsson brought this change] test552: Fix typos Closes https://github.com/curl/curl/pull/1245 - [Daniel Gustafsson brought this change] darwinssl: Avoid parsing certificates when not in verbose mode The information extracted from the server certificates in step 3 is only used when in verbose mode, and there is no error handling or validation performed as that has already been done. Only run the certificate information extraction when in verbose mode and libcurl was built with verbose strings. Closes https://github.com/curl/curl/pull/1246 - [JDepooter brought this change] schannel: Remove incorrect SNI disabled message - Remove the SNI disabled when host verification disabled message since that is incorrect. - Show a message for legacy versions of Windows <= XP that connections may fail since those versions of WinSSL lack SNI, algorithms, etc. Bug: https://github.com/curl/curl/pull/1240 Daniel Stenberg (7 Feb 2017) - CHANGES: spell fix, use correct path to script - CHANGES.0: removed This is the previously manually edited changelog, not touched since Aug 2015. Still present in git for those who wants it. Dan Fandrich (6 Feb 2017) - cmdline-opts: Fixed build and test in out of source tree builds Viktor Szakats (6 Feb 2017) - use *.sourceforge.io and misc URL updates Ref: https://sourceforge.net/blog/introducing-https-for-project-websites/ Closes: https://github.com/curl/curl/pull/1247 Jay Satiro (6 Feb 2017) - docs: Add more HTTPS proxy documentation - Document HTTPS proxy type. - Document --write-out %{proxy_ssl_verify_result}. - Document SOCKS proxy + HTTP/HTTPS proxy combination. HTTPS proxy support was added in 7.52.0 for OpenSSL, GnuTLS and NSS. Ref: https://github.com/curl/curl/commit/cb4e2be - OS400: Fix symbols - s/CURLOPT_SOCKS_PROXY/CURLOPT_PRE_PROXY Follow-up to 7907a2b and 845522c. - Fix incorrect id for CURLOPT_PROXY_PINNEDPUBLICKEY. - Add id for CURLOPT_ABSTRACT_UNIX_SOCKET. Bug: https://github.com/curl/curl/issues/1237 Reported-by: jonrumsey@users.noreply.github.com - [Sean Burford brought this change] cmake: Support curl --xattr when built with cmake - Test for and set HAVE_FSETXATTR when support for extended file attributes is present. Closes https://github.com/curl/curl/pull/1176 - [Adam Langley brought this change] openssl: Don't use certificate after transferring ownership SSL_CTX_add_extra_chain_cert takes ownership of the given certificate while, despite the similar name, SSL_CTX_add_client_CA does not. Thus it's best to call SSL_CTX_add_client_CA before SSL_CTX_add_extra_chain_cert, while the code still has ownership of the argument. Closes https://github.com/curl/curl/pull/1236 Daniel Stenberg (29 Jan 2017) - [Antoine Aubert brought this change] mbedtls: implement CTR-DRBG and HAVEGE random generators closes #1227 - docs: we no longer ship HTML versions of man pages ... refer to the web site for the web versions. - [railsnewbie257 brought this change] docs: proofread README.netware README.win32 Closes #1231 - RELEASE-NOTES; synced with ab08d82648 Michael Kaufmann (28 Jan 2017) - mbedtls: disable TLS session tickets SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. See https://github.com/curl/curl/issues/1109 - gnutls: disable TLS session tickets SSL session reuse with TLS session tickets is not supported yet. Use SSL session IDs instead. Fixes https://github.com/curl/curl/issues/1109 - polarssl: fix hangs This bugfix is similar to commit c111178bd4. Daniel Stenberg (27 Jan 2017) - cookies: do not assume a valid domain has a dot This repairs cookies for localhost. Non-PSL builds will now only accept "localhost" without dots, while PSL builds okeys everything not listed as PSL. Added test 1258 to verify. This was a regression brought in a76825a5efa6b4 - TODO: remove "Support TLS v1.3" Support is trickling in already. - [railsnewbie257 brought this change] INTERNALS.md: language improvements Closes #1226 - telnet: fix windows compiler warnings Thumbs-up-by: Jay Satiro Closes #1225 - VC: remove the makefile.vc6 build infra The winbuild/ build files is now the single MSVC makefile build choice. Closes #1215 - [Jay Satiro brought this change] cmdline-opts/gen.pl: Open input files in CRLF mode On Windows it's possible to have input files with CRLF line endings and a perl that defaults to LF line endings (eg msysgit). Currently that results in generator output of mixed line endings of CR, LF and CRLF. This change fixes that issue in the most succinct way by opening the files in :crlf text mode even when the perl being used does not default to that mode. (On operating systems that don't have a separate text mode it's essentially a no-op.) The output continues to be in the perl's native line ending. - docs/curl.1: generate from the cmdline-opts script - vtls: source indentation fix - contri*.sh: cut off parentheses from names too - RELEASE-NOTES: synced with 01ab7c30bba6f - vtls: fix PolarSSL non-blocking handling A regression brought in cb4e2be Reported-by: Michael Kaufmann Bug: https://github.com/curl/curl/issues/1174#issuecomment-274018791 - [Antoine Aubert brought this change] vtls: fix mbedtls multi non blocking handshake. When using multi, mbedtls handshake is in non blocking mode. vtls must set wait for read/write flags for the socket. Closes #1223 - [Richy Kim brought this change] CURLOPT_BUFFERSIZE: support enlarging receive buffer Replace use of fixed macro BUFSIZE to define the size of the receive buffer. Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive buffer size. Upon setting, resize buffer if larger than the current default size up to a MAX_BUFSIZE (512KB). This can benefit protocols like SFTP. Closes #1222 - sws: use SOCKERRNO, not errno Reported-by: Gisle Vanem Michael Kaufmann (19 Jan 2017) - KNOWN_BUGS: HTTP/2 server push enabled when no pushes can be accepted This has been implemented with commit 9ad034e. Viktor Szakats (19 Jan 2017) - *.rc: escape non-ASCII/non-UTF-8 character for clarity Closes https://github.com/curl/curl/pull/1217 Kamil Dudka (19 Jan 2017) - docs: non-blocking SSL handshake is now supported with NSS Implemented since curl-7_36_0-130-g8868a22 Reported-by: Fahim Chandurwala Michael Kaufmann (18 Jan 2017) - CURLOPT_CONNECT_TO: Fix compile warnings Fix compile warnings that appeared only when curl has been configured with '--disable-verbose'. Daniel Stenberg (18 Jan 2017) - usercertinmem.c: improve the short description - parseurl: move back buffer to function scope Regression since 1d4202ad, which moved the buffer into a more narrow scope, but the data in that buffer was used outside of that more narrow scope. Reported-by: Dan Fandrich Bug: https://curl.haxx.se/mail/lib-2017-01/0093.html Jay Satiro (17 Jan 2017) - openssl: Fix random generation - Fix logic error in Curl_ossl_random. Broken a few days ago in 807698d. Daniel Stenberg (17 Jan 2017) - TODO: share OpenSSL contexts By supporting this, subsequent connects would load a lot less data from disk. Closes #1110 - bump: next release will be 7.53.0 Kamil Dudka (15 Jan 2017) - nss: use the correct lock in nss_find_slot_by_name() Alessandro Ghedini (15 Jan 2017) - http2: disable server push if not requested Ref: https://github.com/curl/curl/pull/1160 Daniel Stenberg (14 Jan 2017) - [railsnewbie257 brought this change] docs: improved language in README.md HISTORY.md CONTRIBUTE.md Closes #1211 Alessandro Ghedini (14 Jan 2017) - http: print correct HTTP string in verbose output when using HTTP/2 Before: ``` % src/curl https://sigsegv.ninja/ -v --http2 ... > GET / HTTP/1.1 > Host: sigsegv.ninja > User-Agent: curl/7.52.2-DEV > Accept: */* > ... ``` After: ``` % src/curl https://sigsegv.ninja/ -v --http2 ... > GET / HTTP/2 > Host: sigsegv.ninja > User-Agent: curl/7.52.2-DEV > Accept: */* > ``` Daniel Stenberg (14 Jan 2017) - TODO: send only part of --data Closes #1200 - TODO: implemened "--fail-fast to exit on first transfer fail" Even though it is called --fail-early - TODO: Chunked transfer multipart formpost Closes #1139 - TODO: Improve formpost API, not just add an easy argument - addrinfo: fix compiler warning on offsetof() use curl_addrinfo.c:519:20: error: conversion to ‘curl_socklen_t {aka unsigned int}’ from ‘long unsigned int’ may alter its value [-Werror=conversion] Follow-up to 1d786faee1046f - THANKS-filter: Jiri Malak - RELEASE-NOTES: synced with a7c73ae309c Peter Wu (13 Jan 2017) - [Isaac Boukris brought this change] unix_socket: add support for abstract unix domain socket In addition to unix domain sockets, Linux also supports an abstract namespace which is independent of the filesystem. In order to support it, add new CURLOPT_ABSTRACT_UNIX_SOCKET option which uses the same storage as CURLOPT_UNIX_SOCKET_PATH internally, along with a flag to specify abstract socket. On non-supporting platforms, the abstract address will be interpreted as an empty string and fail gracefully. Also add new --abstract-unix-socket tool parameter. Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reported-by: Chungtsun Li (typeless) Reviewed-by: Daniel Stenberg Reviewed-by: Peter Wu Closes #1197 Fixes #1061 Daniel Stenberg (13 Jan 2017) - write-out.d: 'time_total' is not always shown with ms precision We have higher resolution since 7.52.0 - next.d: --trace and --trace-ascii are also global - [Isaac Boukris brought this change] curl: reset the easy handle at --next So that only "global" options (verbose mostly) survive into the next transfer, and the others have to be set again unless default is fine. - [Frank Gevaerts brought this change] docs: Add note about libcurl copying strings to CURLOPT_* manpages Closes #1169 - [Frank Gevaerts brought this change] CURLOPT_PREQUOTE.3: takes a struct curl_slist*, not a char* - IDN: Use TR46 non-transitional Assisted-by: Tim Rühsen - IDN: revert use of the transitional option It made the german ß get converted to ss, IDNA2003 style, and we can't have that for the .de TLD - a primary reason for our switch to IDNA2008. Test 165 verifies. - [Tim Rühsen brought this change] IDN: Fix compile time detection of linidn2 TR46 Follow-up to f30cbcac1 Closes #1207 - [ERAMOTO Masaya brought this change] url: --noproxy option overrides NO_PROXY environment variable Under condition using http_proxy env var, noproxy list was the combination of --noproxy option and NO_PROXY env var previously. Since this commit, --noproxy option overrides NO_PROXY environment variable even if use http_proxy env var. Closes #1140 - [ERAMOTO Masaya brought this change] url: Refactor detect_proxy() If defined CURL_DISABLE_HTTP, detect_proxy() returned NULL. If not defined CURL_DISABLE_HTTP, detect_proxy() checked noproxy list. Thus refactor to set proxy to NULL instead of calling detect_proxy() if define CURL_DISABLE_HTTP, and refactor to call detect_proxy() if not define CURL_DISABLE_HTTP and the host is not in the noproxy list. - [ERAMOTO Masaya brought this change] url: Fix NO_PROXY env var to work properly with --proxy option. The combination of --noproxy option and http_proxy env var works well both for proxied hosts and non-proxied hosts. However, when combining NO_PROXY env var with --proxy option, non-proxied hosts are not reachable while proxied host is OK. This patch allows us to access non-proxied hosts even if using NO_PROXY env var with --proxy option. - [Tim Rühsen brought this change] IDN: Use TR46 'transitional' for toASCII translations References: http://unicode.org/faq/idn.html http://unicode.org/reports/tr46 Closes #1206 - [railsnewbie257 brought this change] docs: FAQ MAIL-ETIQUETTE language fixes Closes #1194 - [Marcus Hoffmann brought this change] gnutls: check for alpn and ocsp in configure Check for presence of gnutls_alpn_* and gnutls_ocsp_* functions during configure instead of relying on the version number. GnuTLS has options to turn these features off and we ca just work with with such builds like we work with older versions. Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com> Closes #1204 Jay Satiro (12 Jan 2017) - url: Fix parsing for when 'file' is the default protocol Follow-up to 3463408. Prior to 3463408 file:// hostnames were silently stripped. Prior to this commit it did not work when a schemeless url was used with file as the default protocol. Ref: https://curl.haxx.se/mail/lib-2016-11/0081.html Closes https://github.com/curl/curl/pull/1124 Also fix for drive letters: - Support --proto-default file c:/foo/bar.txt - Support file://c:/foo/bar.txt - Fail when a file:// drive letter is detected and not MSDOS/Windows. Bug: https://github.com/curl/curl/issues/1187 Reported-by: Anatol Belski Assisted-by: Anatol Belski Daniel Stenberg (12 Jan 2017) - rand: make it work without TLS backing Regression introduced in commit f682156a4fc6c4 Reported-by: John Kohl Bug: https://curl.haxx.se/mail/lib-2017-01/0055.html Jay Satiro (12 Jan 2017) - STARTTLS: Don't print response character in denied messages Both IMAP and POP3 response characters are used internally, but when appended to the STARTTLS denial message likely could confuse the user. Closes https://github.com/curl/curl/pull/1203 - smtp: Fix STARTTLS denied error message - Format the numeric denial code as an integer instead of a character. Daniel Stenberg (11 Jan 2017) - http2_send: avoid unsigned integer wrap around ... when checking for a too large request. Jay Satiro (9 Jan 2017) - [Jiri Malak brought this change] cmake: Fix passing _WINSOCKAPI_ macro to compiler Define _WINSOCKAPI_ blank rather than to 1 in order to match the value used by Microsoft's winsock header files. Closes https://github.com/curl/curl/pull/1195 Daniel Stenberg (9 Jan 2017) - sws: retry send() on EWOULDBLOCK Fixes spurious test 1060 and 1061 failures on OpenBSD, Solaris and more. Bug: https://curl.haxx.se/mail/lib-2017-01/0009.html Reported-by: Christian Weisgerber - RELEASE-NOTES: synced with a41e8592d6b3e58 - examples: make the C++ examples follow our code style too At least mostly, not counting // comments. - [Aulddays brought this change] asiohiper: improved socket handling libcurl requires CURLMOPT_SOCKETFUNCTION to KEEP watching socket events and notify back. Modify event_cb() to continue watching events when fired. Fixes #1191 Closes #1192 Fixed-by: Mingliang Zhu - [Jiří Malák brought this change] lib506: fix build for Open Watcom Rename symbol lock to locks to not clash with OW CRTL function name. Closes #1196 - ROADMAP: 2017 cleanup Removed items already fixed, clarified a few others. - COPYING: update the generic copyright year range - docs/silent: mention --show-error in --silent description Reported in #1190 Reported-by: Dan Jacobson - docs/page-header: mention how to disable the progress meter curl.1 is regenerated Fixes #1190 Dan Fandrich (7 Jan 2017) - wolfssl: display negotiated SSL version and cipher - wolfssl: support setting cipher list Patrick Monnerat (6 Jan 2017) - CIPHERS.md: document GSKit ciphers Jay Satiro (5 Jan 2017) - [peterpih brought this change] TheArtOfHttpScripting: grammar Nick Zitzmann (3 Jan 2017) - darwinssl: --insecure overrides --cacert if both settings are in use Fixes #1184 Jay Satiro (2 Jan 2017) - docs/libcurl: TCP_KEEPALIVE start and interval default to 60 Since the TCP keep-alive options were added in 705f0f7 the start and interval default values have been 60, but that wasn't documented. Bug: https://curl.haxx.se/mail/lib-2017-01/0000.html Reported-by: Praveen Pvs Daniel Stenberg (29 Dec 2016) - curl.h: CURLE_FUNCTION_NOT_FOUND is no longer in use This error code was once introduced when some library was dynamically loaded and a funciton within said library couldn't be found. - content_encoding: change return code on a failure Failure to decompress is now a write error instead of the weird "function not found". - page-footer: error 36 is protocol agnostic! Jay Satiro (28 Dec 2016) - tool_operate: Fix --remote-time incorrect times on Windows - Use Windows API SetFileTime to set the file time instead of utime. Avoid utime on Windows if possible because it may apply a daylight saving time offset to our UTC file time. Bug: https://curl.haxx.se/mail/archive-2016-11/0033.html Reported-by: Tim Closes https://github.com/curl/curl/pull/1121 Daniel Stenberg (29 Dec 2016) - [Max Khon brought this change] digest_sspi: copy terminating NUL as well Curl_auth_decode_digest_http_message(): copy terminating NUL as later Curl_override_sspi_http_realm() expects a NUL-terminated string. Fixes #1180 - curl_formadd.3: CURLFORM_CONTENTSLENGTH not needed when chunked Mentioned in #1013 - [Kyselgov E.N brought this change] cmake: use crypt32.lib when building with OpenSSL on windows Reviewed-by: Peter Wu Closes #1149 Fixes #1147 - [Chris Araman brought this change] darwinssl: fix CFArrayRef leak Reviewed-by: Nick Zitzmann Closes #1173 - [Chris Araman brought this change] darwinssl: fix iOS build Reviewed-by: Nick Zitzmann Fixes #1172 - curl: remove superfluous include file The <netinet/tcp.h> is a leftover from the past when TCP socket options were set in this file. This include causes build issues on AIX 4.3. Reported-by: Kim Minjoong Closes #1178 - RELEASE-NOTES: synced with a7b38c9dc98481e - vtls: s/SSLEAY/OPENSSL Fixed an old leftover use of the USE_SSLEAY define which would make a socket get removed from the applications sockets to monitor when the multi_socket API was used, leading to timeouts. Bug: #1174 - docs/ciphers: link to our own new page about ciphers ... as the former ones always go stale! - cmdline-opts/page-footer: add three more exit codes ... and regenerated curl.1 - formdata: use NULL, not 0, when returning pointers - ftp: failure to resolve proxy should return that error code - configure: accept --with-libidn2 instead ... which the help text already implied since we switched to libidn2 from libidn in commit 9c91ec778104ae3b back in October 2016. Reported-by: Christian Weisgerber Bug: https://curl.haxx.se/mail/lib-2016-12/0110.html - test1282: verify the ftp-gss check - ftp-gss: check for init before use To avoid dereferencing a NULL pointer. Reported-by: Daniel Romero Jay Satiro (24 Dec 2016) - build-wolfssl: Sync config with wolfSSL 3.10 wolfSSL configure script relevant changes from 3.9 to 3.10: - DES3 no longer enabled by default - Shamir no longer enabled by default - Extended master secret enabled by default - RSA and ECC timing protections enabled by default For backwards compatibility I enabled DES3 and ECC shamir config options (ie no change from 3.9), and the other changes are included. - cyassl: use time_t instead of long for timeout Daniel Stenberg (23 Dec 2016) - bump: toward next release - http: remove "Curl_http_done: called premature" message ... it only confuses people. - openssl-random: check return code when asking for random and fail appropriately if it returns error - gnutls-random: check return code for failed random Version 7.52.1 (22 Dec 2016) Daniel Stenberg (22 Dec 2016) - RELEASE-NOTES: curl 7.52.1 - lib557.c: use a shorter MAXIMIZE representation Since several compilers had problems with the previous one Reported-by: Ray Satiro Bug: https://curl.haxx.se/mail/lib-2016-12/0098.html - runtests: remove the valgrind parser Old legacy parsing that 1) hid problems for us and 2) probably isn't needed anymore. - [Kamil Dudka brought this change] randit: store the value in the buffer - tests/Makefile: run checksrc on debug builds ... just like we already do in src/ and lib/ - lib557: move the "enable LONGLINE" to allow more long lines This file is riddled with them... - bump: toward next release Marcel Raad (21 Dec 2016) - lib: fix MSVC compiler warnings Visual C++ complained: warning C4267: '=': conversion from 'size_t' to 'long', possible loss of data warning C4701: potentially uninitialized local variable 'path' used Version 7.52.0 (20 Dec 2016) Daniel Stenberg (20 Dec 2016) - THANKS: 13 new contributors from 7.52.0 - RELEASE-NOTES: 7.52.0 - ssh: inhibit coverity warning with (void) CID 1397391 (#1 of 1): Unchecked return value (CHECKED_RETURN) - Curl_recv_has_postponed_data: silence compiler warnings Follow-up to d00f2a8f2 Jay Satiro (19 Dec 2016) - tests: checksrc compliance - http_proxy: Fix proxy CONNECT hang on pending data - Check for pending data before waiting on the socket. Bug: https://github.com/curl/curl/issues/1156 Reported-by: Adam Langley Daniel Stenberg (19 Dec 2016) - cmdline-opts/tlsv1.d: rephrased - [Dan McNulty brought this change] schannel: fix wildcard cert name validation on Win CE Fixes a few issues in manual wildcard cert name validation in schannel support code for Win32 CE: - when comparing the wildcard name to the hostname, the wildcard character was removed from the cert name and the hostname was checked to see if it ended with the modified cert name. This allowed cert names like *.com to match the connection hostname. This violates recommendations from RFC 6125. - when the wildcard name in the certificate is longer than the connection hostname, a buffer overread of the connection hostname buffer would occur during the comparison of the certificate name and the connection hostname. - printf: fix floating point buffer overflow issues ... and add a bunch of floating point printf tests - config-amigaos.h: (embarrassed) made the line shorter - config-amigaos.h: fix bug report email reference - RELEASE-NOTES: synced with 4517158abfeba - CIPHERS.md: backtick the names to show underscores fine - form-string.d: fix format mistake and regenerated curl.1 Reported-by: Gisle Vanem Michael Kaufmann (18 Dec 2016) - openssl: simplify expression in Curl_ossl_version - curl_easy_recv: Improve documentation and example program Follow-up to 82245ea: Fix the example program sendrecv.c (handle CURLE_AGAIN, handle incomplete send). Improve the documentation for curl_easy_recv() and curl_easy_send(). Reviewed-by: Frank Meier Assisted-by: Jay Satiro See https://github.com/curl/curl/pull/1134 - [Isaac Boukris brought this change] Curl_getconnectinfo: avoid checking if the connection is closed It doesn't benefit us much as the connection could get closed at any time, and also by checking we lose the ability to determine if the socket was closed by reading zero bytes. Reported-by: Michael Kaufmann Closes https://github.com/curl/curl/pull/1134 Daniel Stenberg (18 Dec 2016) - CIPHERS.md: attempt to document TLS cipher names As the official docs seems really hard to keep track of and link to over time - curl.1: generated after 6cce4dbf830 - cmdline-opts/post30X.d: fix the RFC references - curl.1: regenerated Fixed trailing whitespace and numerous formatting glitches - cmdline-opts: formatting fixes - curl_easy_setopt.3: removed CURLOPT_SOCKS_PROXYTYPE - tool_getparam.c: make comments use the up-to-date option names - manpage-scan.pl: allow deprecated options to get removed from curl.1 --krb4, --ftp-ssl and --ftp-ssl-reqd no longer need to be documented in the man page - cmdline-opts/gen.pl: trim off trailing spaces - cmdline-opts/proxy-tlsuser.d: remove trailing .d - curl_easy_setopt.3: CURLOPT_PRE_PROXY instead of CURLOPT_SOCKS_PROXY - symbols: removed two, added one - cmdline-opts: include the man page split up files in the dist - curl.1: generated with gen.pl This is the first time we replace the manually edited curt.1 with the generated one created by gen.pl and the individual option documentation pages. Do not edit this file, edit the individual pages and regenerate this output. This file will be generated by the build system soon and then removed from git. - cmdline-opts: added some missing info - CURLINFO_SSL_VERIFYRESULT.3: language - HTTPS-PROXY docs: update/polish - cmdline-opts/page-header: mention it is generated ... to avoid people from trying to edit the pending curl.1 version that gets generated by gen.pl - preproxy: renamed what was added as SOCKS_PROXY CURLOPT_SOCKS_PROXY -> CURLOPT_PRE_PROXY Added the corresponding --preroxy command line option. Sets a SOCKS proxy to connect to _before_ connecting to a HTTP(S) proxy. - curl: normal socks proxies still use CURLOPT_PROXY ... the newly introduced CURLOPT_SOCKS_PROXY is special and should be asked for specially. (Needs new code.) Unified proxy type to a single variable in the config struct. - CURLOPT_SOCKS_PROXYTYPE: removed This was added as part of the SOCKS+HTTPS proxy merge but there's no need to support this as we prefer to have the protocol specified as a prefix instead. - curl_multi_socket.3: fix typo - checksrc: warn for assignments within if() expressions ... they're already frowned upon in our source code style guide, this now enforces the rule harder. - checksrc: stricter no-space-before-paren enforcement In order to make the code style more uniform everywhere - ISSUE_TEMPLATE: try mentioning known bugs/todo in new issue template - RELEASE-NOTES: synced with 71a55534fa6 - [Adam Langley brought this change] openssl: don't use OpenSSL's ERR_PACK. ERR_PACK is an internal detail of OpenSSL. Also, when using it, a function name must be specified which is overly specific: the test will break whenever OpenSSL internally change things so that a different function creates the error. Closes #1157 Dan Fandrich (5 Dec 2016) - test2032: Mark test as flaky Jay Satiro (3 Dec 2016) - [Jeremy Pearson brought this change] libcurl-multi.3: typo Closes https://github.com/curl/curl/pull/1153 Dan Fandrich (2 Dec 2016) - test1281: added http as a required feature Daniel Stenberg (2 Dec 2016) - curl: support zero-length argument strings in config files ... like 'user-agent = ""' Adjusted test 71 to verify. - http_proxy: simplify CONNECT response reading Since it now reads responses one byte a time, a loop could be removed and it is no longer limited to get the whole response within 16K, it is now instead only limited to 16K maximum header line lengths. - tests: fix CONNECT test cases to be more strict ... as they broke with the cleaned up CONNECT handling - CONNECT: read responses one byte at a time ... so that it doesn't read data that is actually coming from the remote. 2xx responses have no body from the proxy, that data is from the peer. Fixes #1132 - CONNECT: reject TE or CL in 2xx responses A server MUST NOT send any Transfer-Encoding or Content-Length header fields in a 2xx (Successful) response to CONNECT. (RFC 7231 section 4.3.6) Also fixes the three test cases that did this. - URL parser: reject non-numerical port numbers Test 1281 added to verify Dan Fandrich (30 Nov 2016) - runtests: made Servers: output be more consistent by removing OFF - cyassl: fixed typo introduced in 4f8b1774 Michael Kaufmann (30 Nov 2016) - CURLOPT_CONNECT_TO: Skip non-matching "connect-to" entries properly If a port number in a "connect-to" entry does not match, skip this entry instead of connecting to port 0. If a port number in a "connect-to" entry matches, use this entry and look no further. Reported-by: Jay Satiro Assisted-by: Jay Satiro, Daniel Stenberg Closes #1148 Daniel Stenberg (29 Nov 2016) - BUGS: describe bug handling process - RELEASE-NOTES: synced with 19613fb3 Jay Satiro (28 Nov 2016) - http2: check nghttp2_session_set_local_window_size exists The function only exists since nghttp2 1.12.0. Bug: https://github.com/curl/curl/commit/a4d8888#commitcomment-19985676 Reported-by: Michael Kaufmann Daniel Stenberg (28 Nov 2016) - [Anders Bakken brought this change] http2: Fix crashes when parent stream gets aborted Closes #1125 - cmdline-docs: more options converted and fixed Now all options are in the new system. - gen: include footer in mainpage output Jay Satiro (28 Nov 2016) - lib1536: checksrc compliance Daniel Stenberg (28 Nov 2016) - cmdline-opts: more command line options documented Moved over to the new format - curl: remove --proxy-ssl* options There's mostly likely no need to allow setting SSLv2/3 version for HTTPS proxy. Those protocols are insecure by design and deprecated. - CURLOPT_PROXY_*.3: polished some proxy option man pages Patrick Monnerat (26 Nov 2016) - os400: support CURLOPT_PROXY_PINNEDPUBLICKEY Also define it in ILE/RPG binding. Daniel Stenberg (26 Nov 2016) - [Okhin Vasilij brought this change] curl_version_info: add CURL_VERSION_HTTPS_PROXY Closes #1142 - [Frank Gevaerts brought this change] tests: Add some testcases for recent new features. Add missing tests for CURLINFO_SCHEME, CURLINFO_PROTOCOL, %{scheme}, and %{http_version} closes #1143 - [Frank Gevaerts brought this change] curl_easy_reset: clear info for CULRINFO_PROTOCOL and CURLINFO_SCHEME - CURLOPT_PROXY_CAINFO.3: clarify proxy use - CURLOPT_PROXY_CRLFILE.3: clarify https proxy and availability - curl_easy_setopt.3: add CURLOPT_PROXY_PINNEDPUBLICKEY Follow-up to 4f8b17743d7c55a - docs: include all opts man pages in dist Sorted the lists too. ... and include the new ones in the PDF and HTML generation targets - [Thomas Glanzmann brought this change] HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY - [Thomas Glanzmann brought this change] url: proxy: Use 443 as default port for https proxies - TODO: removed "HTTPS proxy" - [Jan-E brought this change] winbuild: add config option ENABLE_NGHTTP2 Closes #1141 Jay Satiro (24 Nov 2016) - tool_urlglob: Improve sanity check in glob_range Prior to this change we depended on errno if strtol could not perform a conversion. POSIX says EINVAL *may* be set. Some implementations like Microsoft's will not set it if there's no conversion. Ref: https://github.com/curl/curl/commit/ee4f7660#commitcomment-19658189 - tool_help: Change description for --retry-connrefused Ref: https://github.com/curl/curl/pull/1064#issuecomment-260052409 Patrick Monnerat (25 Nov 2016) - os400: sync ILE/RPG binding Jay Satiro (24 Nov 2016) - test1135: Fix curl_easy_duphandle prototype for code style Follow-up to dbadaeb which changed the style. - x509asn1: Restore the parameter check in Curl_getASN1Element - Restore the removed parts of the parameter check. Follow-up to 945f60e which altered the parameter check. Daniel Stenberg (25 Nov 2016) - RELEASE-NOTES: update option counters - [Frank Gevaerts brought this change] add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme} Adds access to the effectively used protocol/scheme to both libcurl and curl, both in string and numeric (CURLPROTO_*) form. Note that the string form will be uppercase, as it is just the internal string. As these strings are declared internally as const, and all other strings returned by curl_easy_getinfo() are de-facto const as well, string handling in getinfo.c got const-ified. Closes #1137 - RELEASE-NOTES: synced with 63198a4750aeb - curl.1: the new --proxy options ship in 7.52.0 - checksrc: move open braces to comply with function declaration style - checksrc: detect wrongly placed open braces in func declarations - checksrc: white space edits to comply to stricter checksrc - checksrc: verify ASTERISKNOSPACE Detects (char*) and 'char*foo' uses. - checksrc: code style: use 'char *name' style - checksrc: add ASTERISKSPACE Verifies a 'char *name' style, with no space after the asterisk. - openssl: remove dead code Coverity CID 1394666 - [Okhin Vasilij brought this change] HTTPS-proxy: fixed mbedtls and polishing - darwinssl: adopted to the HTTPS proxy changes It builds and runs all test cases. No adaptations for actual HTTPS proxy support has been made. - gtls: fix indent to silence compiler warning vtls/gtls.c: In function ‘Curl_gtls_data_pending’: vtls/gtls.c:1429:3: error: this ‘if’ clause does not guard... [-Werror=misleading-indentation] if(conn->proxy_ssl[connindex].session && ^~ vtls/gtls.c:1433:5: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘if’ return res; - [Thomas Glanzmann brought this change] mbedtls: Fix compile errors - [Alex Rousskov brought this change] proxy: Support HTTPS proxy and SOCKS+HTTP(s) * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks. Patrick Monnerat (24 Nov 2016) - Declare endian read functions argument as a const pointer. This is done for all functions of the form Curl_read[136][624]_[lb]e. - Limit ASN.1 structure sizes to 256K. Prevent some allocation size overflows. See CRL-01-006. Jay Satiro (22 Nov 2016) - url: Fix conn reuse for local ports and interfaces - Fix connection reuse for when the proposed new conn 'needle' has a specified local port but does not have a specified device interface. Bug: https://curl.haxx.se/mail/lib-2016-11/0137.html Reported-by: bjt3[at]hotmail.com Daniel Stenberg (21 Nov 2016) - rand: pass in number of randoms as an unsigned argument Jay Satiro (20 Nov 2016) - rand: Fix potentially uninitialized result warning Marcel Raad (19 Nov 2016) - vtls: fix build warnings Fix warnings about conversions from long to time_t in openssl.c and schannel.c. Follow-up to de4de4e3c7c Daniel Stenberg (18 Nov 2016) - [Marcel Raad brought this change] lib: fix compiler warnings after de4de4e3c7c Visual C++ now complains about implicitly casting time_t (64-bit) to long (32-bit). Fix this by changing some variables from long to time_t, or explicitly casting to long where the public interface would be affected. Closes #1131 Peter Wu (17 Nov 2016) - [Isaac Boukris brought this change] Don't mix unix domain sockets with regular ones When reusing a connection, make sure the unix domain socket option matches. Jay Satiro (17 Nov 2016) - tests: Fix HTTP2-Settings header for huge window size Follow-up to a4d8888. Changing the window size in that commit resulted in a different HTTP2-Settings upgrade header, causing test 1800 to fail. - http2: Use huge HTTP/2 windows - Improve performance by using a huge HTTP/2 window size. Bug: https://github.com/curl/curl/issues/1102 Reported-by: afrind@users.noreply.github.com Assisted-by: Tatsuhiro Tsujikawa Daniel Stenberg (16 Nov 2016) - cmdline-docs: more conversion - gen: support 'protos' and warn on unrecognized lines - gen: support 'single' to make an individual page man page - cmdline-docs: more options converted over - gen: support 'redirect' ... and warn for too long --help lines - cmdline/gen: replace options in texts better Jay Satiro (16 Nov 2016) - http2: Fix address sanitizer memcpy warning - In Curl_http2_switched don't call memcpy when src is NULL. Curl_http2_switched can be called like: Curl_http2_switched(conn, NULL, 0); .. and prior to this change memcpy was then called like: memcpy(dest, NULL, 0) .. causing address sanitizer to warn: http2.c:2057:3: runtime error: null pointer passed as argument 2, which is declared to never be null - tool_help: Clarify --dump-header only writes received headers - curl.1: Clarify --dump-header only writes received headers Daniel Stenberg (15 Nov 2016) - [Alex Chan brought this change] docs: Spelling fixes Kamil Dudka (15 Nov 2016) - docs: the next release will be 7.52.0 Daniel Stenberg (15 Nov 2016) - cmdline-opts: support generating the --help output - [David Schweikert brought this change] darwinssl: fix SSL client certificate not found on MacOS Sierra Reviewed-by: Nick Zitzmann Closes #1105 - curl: add --fail-early to help output Fixes test 1139 failures Follow-up to f82bbe01c8835 - glob: fix [a-c] globbing regression Brought in ee4f76606cf Added test case 1280 to verify Reported-by: Dave Reisner Bug: https://github.com/curl/curl/commit/ee4f76606cfa4ee068bf28edd37c8dae7e8db317#commitcomment-19823146 - curl: add --fail-early Exit with an error on the first transfer error instead of continuing to do the rest of the URLs. Discussion: https://curl.haxx.se/mail/archive-2016-11/0038.html - Curl_rand: fixed and moved to rand.c Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html - cmdline-opts: first test version of a new man page generator kit See MANPAGE.md for the description of how this works. Each command line option is now described in a separate .d file. - time_t fix: follow-up to de4de4e3c7c Blah, I accidentally wrote size_t instead of time_t for two variables. Reported-by: Dave Reisner - timeval: prefer time_t to hold seconds instead of long ... as long is still 32bit on modern 64bit windows machines, while time_t is generally 64bit. Dan Fandrich (12 Nov 2016) - tests: fixed variable might be clobbered warning This stops the compiler from potentially making invalid assumptions about the immutability of sdp and sap across the longjmp boundary. Daniel Stenberg (12 Nov 2016) - RELEASE-NOTES: synced with 346340808c - URL-parser: for file://[host]/ URLs, the [host] must be localhost Previously, the [host] part was just ignored which made libcurl accept strange URLs misleading users. like "file://etc/passwd" which might've looked like it refers to "/etc/passwd" but is just "/passwd" since the "etc" is an ignored host name. Reported-by: Mike Crowe Assisted-by: Kamil Dudka - test558: adapt to 0649433da - openssl: make sure to fail in the unlikely event that PRNG seeding fails - openssl: avoid unnecessary seeding if already done 1.1.0+ does more of this by itself so we can avoid extra processing this way. - openssl: RAND_status always exists in OpenSSL >= 0.9.7 and remove RAND_screen from configure since nothing is using that function - Curl_pgrsUpdate: use dedicated function for time passed - realloc: use Curl_saferealloc to avoid common mistakes Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html - [Daniel Hwang brought this change] curl: Add --retry-connrefused to consider ECONNREFUSED as a transient error. Closes #1064 - openssl: raise the max_version to 1.3 if asked for Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when using boringssl. Jay Satiro (9 Nov 2016) - vtls: Fail on unrecognized param for CURLOPT_SSLVERSION - Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the TLS 1.3 support was added in 6ad3add. - Homogenize across code for all backends the error message when TLS 1.3 is not available to "<backend>: TLS 1.3 is not yet supported". - Return an error when a user-specified ssl version is unrecognized. --- Prior to this change our code for some of the backends used the 'default' label in the switch statement (ie ver unrecognized) for ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT. Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html Reported-by: Kamil Dudka Daniel Stenberg (9 Nov 2016) - [Isaac Boukris brought this change] SPNEGO: Fix memory leak when authentication fails If SPNEGO fails, cleanup the negotiate handle right away. Fixes #1115 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reported-by: ashman-p - CODE_STYLE.md: link to INTERNALS.md correctly - bump: next version will be 7.52.0 - RELEASE-NOTES: synced with dfcdaaba371e9a3 - examples/fileupload.c: fclose the file as well - printf: fix ".*f" handling It would always use precision 1 instead of reading it from the argument list as intended. Reported-by: Ray Satiro Bug: #1113 - curl_formadd.3: *_FILECONTENT and *_FILE need the file to be kept Reported-by: Frank Gevaerts Kamil Dudka (7 Nov 2016) - nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled in switch' ... with nss-3.26.0 and newer Reported-by: Daniel Stenberg Daniel Stenberg (7 Nov 2016) - openssl: initial TLS 1.3 adaptions BoringSSL supports TLSv1.3 already, but these changes don't seem to be anough to get it working. - ssh: check md5 fingerprints case insensitively (regression) Revert the change from ce8d09483eea but use the new function Reported-by: Kamil Dudka Bug: https://github.com/curl/curl/commit/ce8d09483eea2fcb1b50e323e1a8ed1f3613b2e3#commitcomment-19666146 Kamil Dudka (7 Nov 2016) - curl: introduce the --tlsv1.3 option to force TLS 1.3 Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro - vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3 Fully implemented with the NSS backend only for now. Reviewed-by: Ray Satiro - nss: map CURL_SSLVERSION_DEFAULT to NSS default ... but make sure we use at least TLSv1.0 according to libcurl API Reported-by: Cure53 Reviewed-by: Ray Satiro Daniel Stenberg (7 Nov 2016) - s/cURL/curl We're mostly saying just "curl" in lower case these days so here's a big cleanup to adapt to this reality. A few instances are left as the project could still formally be considered called cURL. Jay Satiro (7 Nov 2016) - [Tatsuhiro Tsujikawa brought this change] http2: Don't send header fields prohibited by HTTP/2 spec Previously, we just ignored "Connection" header field. But HTTP/2 specification actually prohibits few more header fields. This commit ignores all of them so that we don't send these bad header fields. Bug: https://curl.haxx.se/mail/archive-2016-10/0033.html Reported-by: Ricki Hirner Closes https://github.com/curl/curl/pull/1092 Daniel Stenberg (7 Nov 2016) - curl.1: explain the SMTP data expected for -T Fixes #1107 Reported-by: Adam Piggott Peter Wu (6 Nov 2016) - cmake: disable poll for macOS Mirrors the autotools behavior introduced with curl-7_50_3-83-ga34c7ce. Fixes #1089 Jay Satiro (5 Nov 2016) - easy: Initialize info variables on easy init and duphandle - Call Curl_initinfo on init and duphandle. Prior to this change the statistical and informational variables were simply zeroed by calloc on easy init and duphandle. While zero is the correct default value for almost all info variables, there is one where it isn't (filetime initializes to -1). Bug: https://github.com/curl/curl/issues/1103 Reported-by: Neal Poole Daniel Stenberg (5 Nov 2016) - [Mauro Rappa brought this change] curl -w: added more decimal digits to timing counters Now showing microsecond resolution. Closes #1106 Jakub Zakrzewski (4 Nov 2016) - dist: add CMakeLists.txt to the tarball Daniel Stenberg (4 Nov 2016) - mbedtls: fix build with mbedtls versions < 2.4.0 Regression added in 62a8095e714 Reported-by: Tony Kelman Discussed in #1087 - configure: verify that compiler groks -Werror=partial-availability Reported-by: bemoody Fixes #1104 - docs: shorten and simplify the top comment in multi-uv.c and change URL to use https - [Andrei Sedoi brought this change] docs: handle CURL_POLL_INOUT in multi-uv example - [Andrei Sedoi brought this change] docs: multi-uv: don't use CURLMsg after cleanup - [Andrei Sedoi brought this change] docs: remove unused variables in multi-uv example - bump: start working on 7.51.1 - winbuild: remove strcase.obj from curl build Reported-by: Bruce Stephens Fixes #1098 Dan Fandrich (2 Nov 2016) - msvc: removed a straggling reference to strequal.c Follow-up to 502acba2 Version 7.51.0 (2 Nov 2016) Daniel Stenberg (2 Nov 2016) - THANKS: synced with 7.51.0 - RELEASE-NOTES: 7.51.0 - ftp_done: don't clobber the passed in error code Coverity CID 1374359 pointed out the unused result value. - ftp: remove dead code in ftp_done Coverity CID 1374358 Jay Satiro (1 Nov 2016) - generate.bat: Include include/curl in libcurl VS projects .. because including those headers helps Visual Studio's Intellisense. - generate.bat: Remove strcase.[ch] from curl tool VS projects ..because they're no longer needed in the tool build. strcase is still built by the libcurl project and exports curl_str(n)equal which is used by the curl tool. Bug: https://github.com/curl/curl/commit/9363f1a#all_commit_comments Daniel Stenberg (2 Nov 2016) - metalink: simplify the hex parsing function ... and now it avoids using the libcurl toupper() function Michael Kaufmann (1 Nov 2016) - file: fix compiler warning follow-up to 46133aa5 Dan Fandrich (1 Nov 2016) - strcase: fixed Metalink builds by redefining checkprefix() ...to use the public function curl_strnequal(). This isn't ideal because it adds extra overhead to any internal calls to checkprefix. follow-up to 95bd2b3e Daniel Stenberg (1 Nov 2016) - curl.1: typo - curl.1: expand on how multiple uses of -o looks Suggested-by: Dan Jacobson Issue: https://github.com/curl/curl/issues/1097 - tests/util: get a private strncasecompare clone ... since the curlx_* code no longer provides one and we don't link libcurl to these test servers. - strcase: make the tool use curl_str[n]equal instead As they are after all part of the public API. Saves space and reduces complexity. Remove the strcase defines from the curlx_ family. Suggested-by: Dan Fandrich Idea: https://curl.haxx.se/mail/lib-2016-10/0136.html Kamil Dudka (31 Oct 2016) - gskit, nss: do not include strequal.h follow-up to 811a693b80 Dan Fandrich (31 Oct 2016) - strcasecompare: include curl.h in strcase.c This should fix the "warning: 'curl_strequal' redeclared without dllimport attribute: previous dllimport ignored" message and subsequent link error on Windows because of the missing CURL_EXTERN on the prototype. Daniel Stenberg (31 Oct 2016) - strcase: fix the remaining rawstr users - msvc builds: s/rawstr/strcase Follow-up to 811a693b Dan Fandrich (31 Oct 2016) - strcasecompare: replaced remaining rawstr.h with strcase.h This is a followup to commit 811a693b Marcel Raad (31 Oct 2016) - digest_sspi: fix include Fix compile break from 811a693b80 Dan Fandrich (31 Oct 2016) - libauthretry: use the external function curl_strequal The internal version strcasecompare isn't available outside libcurl Daniel Stenberg (31 Oct 2016) - RELEASE-NOTES: synced with d14538d2501ef0da - configure: raise the default minimum version for macos to 10.8 follow-up to 4f8d0b6f02aa7043. Since the darwinssl code breaks otherwise. If you build without darwinssl 10.5 works fine. - unit1301: keep testing curl_strequal as that is still part of the API, fix from 8fe4bd084412f30 - ldap: fix include Fix bug from 811a693b80 - url: remove unconditional idn2.h include Mistake brought by 9c91ec778104a - curl_strequal: part of public API/ABI, needs to be kept These two public functions have been mentioned as deprecated since a very long time but since they are still part of the API and ABI we need to keep them around. - strcase: s/strequal/strcasecompare some more follow-ups to 811a693b80 - ldap: fix strcase use follow-up to 811a693b80 - test165: adapted to the libidn2 use and IDNA2008 fix - cookie: replace use of fgets() with custom version ... that will ignore lines that are too long to fit in the buffer. CVE-2016-8615 Bug: https://curl.haxx.se/docs/adv_20161102A.html Reported-by: Cure53 - strcasecompare: all case insensitive string compares ignore locale now We had some confusions on when each function was used. We should not act differently on different locales anyway. - strcasecompare: is the new name for strequal() ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-"). - ftp: check for previous patch must be case sensitive! ... otherwise example.com/PATH and example.com/path would be assumed to be the same and they usually aren't! - SSH: check md5 fingerprint case sensitively - connectionexists: use case sensitive user/password comparisons CVE-2016-8616 Bug: https://curl.haxx.se/docs/adv_20161102B.html Reported-by: Cure53 - base64: check for integer overflow on large input CVE-2016-8617 Bug: https://curl.haxx.se/docs/adv_20161102C.html Reported-by: Cure53 - krb5: avoid realloc(0) If the requested size is zero, bail out with error instead of doing a realloc() that would cause a double-free: realloc(0) acts as a free() and then there's a second free in the cleanup path. CVE-2016-8619 Bug: https://curl.haxx.se/docs/adv_20161102E.html Reported-by: Cure53 - aprintf: detect wrap-around when growing allocation On 32bit systems we could otherwise wrap around after 2GB and allocate 0 bytes and crash. CVE-2016-8618 Bug: https://curl.haxx.se/docs/adv_20161102D.html Reported-by: Cure53 - range: reject char globs with missing end like '[L-]' ... which previously would lead to out of boundary reads. Reported-by: Luật Nguyễn - glob_next_url: make sure to stay within the given output buffer - range: prevent negative end number in a glob range CVE-2016-8620 Bug: https://curl.haxx.se/docs/adv_20161102F.html Reported-by: Luật Nguyễn - parsedate: handle cut off numbers better ... and don't read outside of the given buffer! CVE-2016-8621 bug: https://curl.haxx.se/docs/adv_20161102G.html Reported-by: Luật Nguyễn - escape: avoid using curl_easy_unescape() internally Since the internal Curl_urldecode() function has a better API. - unescape: avoid integer overflow CVE-2016-8622 Bug: https://curl.haxx.se/docs/adv_20161102H.html Reported-by: Cure53 - cookies: getlist() now holds deep copies of all cookies Previously it only held references to them, which was reckless as the thread lock was released so the cookies could get modified by other handles that share the same cookie jar over the share interface. CVE-2016-8623 Bug: https://curl.haxx.se/docs/adv_20161102I.html Reported-by: Cure53 - TODO: remove IDNA2008 - idn: switch to libidn2 use and IDNA2008 support CVE-2016-8625 Bug: https://curl.haxx.se/docs/adv_20161102K.html Reported-by: Christian Heimes - test1246: verify URL parsing with host name ending with '#' - urlparse: accept '#' as end of host name 'http://example.com#@127.0.0.1/x.txt' equals a request to example.com for the '/' document with the rest of the URL being a fragment. CVE-2016-8624 Bug: https://curl.haxx.se/docs/adv_20161102J.html Reported-by: Fernando Muñoz Jay Satiro (31 Oct 2016) - INTERNALS: better markdown (follow-up) - Wrap more words with underscores in backticks. Follow-up to 13f4913. Daniel Stenberg (30 Oct 2016) - INTERNALS: better markdown words with underscore need to be within `these` Bug: https://github.com/curl/curl-www/issues/19 Reported-by : Jay Satiro Jay Satiro (30 Oct 2016) - mk-ca-bundle.vbs: Fix UTF-8 output - Change initial message box to mention delay when downloading/parsing. Since there is no progress meter it was somewhat unexpected that after choosing a filename nothing appears to happen, when actually the cert data is in the process of being downloaded and parsed. - Warn if OpenSSL is not present. - Use a UTF-8 stream to make the ca-bundle data. - Save the UTF-8 ca-bundle stream as binary so that no BOM is added. --- This is a follow-up to d2c6d15 which switched mk-ca-bundle.vbs output to ANSI due to corrupt UTF-8 output, now fixed. This change completes making the default certificate bundle output of mk-ca-bundle.vbs as close as possible to that of mk-ca-bundle.pl, which should make it easier to review any difference between their output. Ref: https://github.com/curl/curl/pull/1012 Daniel Stenberg (28 Oct 2016) - BINDINGS: converted to markdown To make it render better on the web site, at the price of it becoming slightly less readable as text. Jay Satiro (27 Oct 2016) - CURLMOPT_MAX_PIPELINE_LENGTH.3: Clarify it's not for HTTP/2 - Clarify that this option is only for HTTP/1.1 pipelining. Bug: https://github.com/curl/curl/issues/1059 Reported-by: Jeroen Ooms Assisted-by: Daniel Stenberg Daniel Stenberg (27 Oct 2016) - KNOWN_BUGS: HTTP/2 server push enabled when no pushes can be accepted Closes #927 - KNOWN_BUGS: c-ares deviates from stock resolver on http://1346569778 Closes #893 Michael Osipov (27 Oct 2016) - configure.in: Fix test syntax Some versions of test allow == for equality, but others (such as the HP-UX version) do not. Use a single = for correctness. Error output: checking for monotonic clock_gettime... ./configure[20445]: ==: A test command parameter is not valid. Daniel Stenberg (27 Oct 2016) - SECURITY: minor updates - we allow the security push up to 48 hours before the release - add a mention about possible pre-notifications - lower case the 'curl-security' title - [Andrei Sedoi brought this change] docs: fix req->data in multi-uv example Closes #1088 - mbedtls: stop using deprecated include file Reported-by: wyattoday Fixes #1087 Kamil Dudka (25 Oct 2016) - [Martin Frodl brought this change] nss: fix tight loop in non-blocking TLS handhsake over proxy ... in case the handshake completes before entering CURLM_STATE_PROTOCONNECT Bug: https://bugzilla.redhat.com/1388162 Jay Satiro (25 Oct 2016) - mk-ca-bundle: Update the vbscript version Bring the VBScript version more in line with the perl version: - Change timestamp to UTC. - Change URL retrieval to HTTPS-only by default. - Comment out the options that disabled SSL cert checking by default. - Assume OpenSSL is present, get SHA256. And add a flag to toggle it. - Fix cert issuer name output. The cert issuer output is now ansi, converted from UTF-8. Prior to this it was corrupt UTF-8. It turns out though we can work with UTF-8 the FSO object that writes ca-bundle can't write UTF-8, so there will have to be some alternative if UTF-8 is needed (like an ADODB.Stream). - Disable the certificate text info feature. The certificate text info doesn't work properly with any recent OpenSSL. Daniel Stenberg (24 Oct 2016) - TODO: indent code to make it render properly - TODO: Remove the generated include file - TODO: add "--retry should resume" See #1084 - mk-ca-bundle.1: document -k Brought in 1ad2bdcf110266c. Now does HTTPS by default and needs -k to fall back to plain HTTP. - [Jay Satiro brought this change] mk-ca-bundle: Change URL retrieval to HTTPS-only by default - Change all predefined Mozilla URLs to HTTPS (Gregory Szorc). - New option -k to allow URLs other than HTTPS and enable HTTP fallback. Prior to this change the default URL retrieval mode was to fall back to HTTP if HTTPS didn't work. Reported-by: Gregory Szorc Closes #1012 - RELEASE-NOTES: synced with 50ee3aaf1a9b22d Dan Fandrich (23 Oct 2016) - INSTALL.md: Updated minimum file sizes for 7.50.3 Daniel Stenberg (22 Oct 2016) - multi: force connections to get closed in close_all_connections Several independent reports on infinite loops hanging in the close_all_connections() function when closing a multi handle, can be fixed by first marking the connection to get closed before calling Curl_disconnect. This is more fixing-the-symptom rather than the underlying problem though. Bug: https://curl.haxx.se/mail/lib-2016-10/0011.html Bug: https://curl.haxx.se/mail/lib-2016-10/0059.html Reported-by: Dan Fandrich, Valentin David, Miloš Ljumović - [Anders Bakken brought this change] curl_multi_remove_handle: fix a double-free In short the easy handle needs to be disconnected from its connection at this point since the connection still is serving other easy handles. In our app we can reliably reproduce a crash in our http2 stress test that is fixed by this change. I can't easily reproduce the same test in a small example. This is the gdb/asan output: ==11785==ERROR: AddressSanitizer: heap-use-after-free on address 0xe9f4fb80 at pc 0x09f41f19 bp 0xf27be688 sp 0xf27be67c READ of size 4 at 0xe9f4fb80 thread T13 (RESOURCE_HTTP) #0 0x9f41f18 in curl_multi_remove_handle /path/to/source/3rdparty/curl/lib/multi.c:666 0xe9f4fb80 is located 0 bytes inside of 1128-byte region [0xe9f4fb80,0xe9f4ffe8) freed by thread T13 (RESOURCE_HTTP) here: #0 0xf7b1b5c2 in __interceptor_free /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:45 #1 0x9f7862d in conn_free /path/to/source/3rdparty/curl/lib/url.c:2808 #2 0x9f78c6a in Curl_disconnect /path/to/source/3rdparty/curl/lib/url.c:2876 #3 0x9f41b09 in multi_done /path/to/source/3rdparty/curl/lib/multi.c:615 #4 0x9f48017 in multi_runsingle /path/to/source/3rdparty/curl/lib/multi.c:1896 #5 0x9f490f1 in curl_multi_perform /path/to/source/3rdparty/curl/lib/multi.c:2123 #6 0x9c4443c in perform /path/to/source/src/net/resourcemanager/ResourceManagerCurlThread.cpp:854 #7 0x9c445e0 in ... #8 0x9c4cf1d in ... #9 0xa2be6b5 in ... #10 0xf7aa5780 in asan_thread_start /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226 #11 0xf4d3a16d in __clone (/lib/i386-linux-gnu/libc.so.6+0xe716d) previously allocated by thread T13 (RESOURCE_HTTP) here: #0 0xf7b1ba27 in __interceptor_calloc /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:70 #1 0x9f7dfa6 in allocate_conn /path/to/source/3rdparty/curl/lib/url.c:3904 #2 0x9f88ca0 in create_conn /path/to/source/3rdparty/curl/lib/url.c:5797 #3 0x9f8c928 in Curl_connect /path/to/source/3rdparty/curl/lib/url.c:6438 #4 0x9f45a8c in multi_runsingle /path/to/source/3rdparty/curl/lib/multi.c:1411 #5 0x9f490f1 in curl_multi_perform /path/to/source/3rdparty/curl/lib/multi.c:2123 #6 0x9c4443c in perform /path/to/source/src/net/resourcemanager/ResourceManagerCurlThread.cpp:854 #7 0x9c445e0 in ... #8 0x9c4cf1d in ... #9 0xa2be6b5 in ... #10 0xf7aa5780 in asan_thread_start /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226 #11 0xf4d3a16d in __clone (/lib/i386-linux-gnu/libc.so.6+0xe716d) SUMMARY: AddressSanitizer: heap-use-after-free /path/to/source/3rdparty/curl/lib/multi.c:666 in curl_multi_remove_handle Shadow bytes around the buggy address: 0x3d3e9f20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9f40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9f50: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa 0x3d3e9f60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa =>0x3d3e9f70:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9f80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9f90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9fa0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9fb0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x3d3e9fc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==11785==ABORTING Thread 14 "RESOURCE_HTTP" received signal SIGABRT, Aborted. [Switching to Thread 0xf27bfb40 (LWP 12324)] 0xf7fd8be9 in __kernel_vsyscall () (gdb) bt #0 0xf7fd8be9 in __kernel_vsyscall () #1 0xf4c7ee89 in __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:54 #2 0xf4c803e7 in __GI_abort () at abort.c:89 #3 0xf7b2ef2e in __sanitizer::Abort () at /opt/toolchain/src/gcc-6.2.0/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cc:122 #4 0xf7b262fa in __sanitizer::Die () at /opt/toolchain/src/gcc-6.2.0/libsanitizer/sanitizer_common/sanitizer_common.cc:145 #5 0xf7b21ab3 in __asan::ScopedInErrorReport::~ScopedInErrorReport (this=0xf27be171, __in_chrg=<optimized out>) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_report.cc:689 #6 0xf7b214a5 in __asan::ReportGenericError (pc=166993689, bp=4068206216, sp=4068206204, addr=3925146496, is_write=false, access_size=4, exp=0, fatal=true) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_report.cc:1074 #7 0xf7b21fce in __asan::__asan_report_load4 (addr=3925146496) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_rtl.cc:129 #8 0x09f41f19 in curl_multi_remove_handle (multi=0xf3406080, data=0xde582400) at /path/to/source3rdparty/curl/lib/multi.c:666 #9 0x09f6b277 in Curl_close (data=0xde582400) at /path/to/source3rdparty/curl/lib/url.c:415 #10 0x09f3354e in curl_easy_cleanup (data=0xde582400) at /path/to/source3rdparty/curl/lib/easy.c:860 #11 0x09c6de3f in ... #12 0x09c378c5 in ... #13 0x09c48133 in ... #14 0x09c4d092 in ... #15 0x0a2be6b6 in ... #16 0xf7aa5781 in asan_thread_start (arg=0xf2d22938) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226 #17 0xf5de52b5 in start_thread (arg=0xf27bfb40) at pthread_create.c:333 #18 0xf4d3a16e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:114 Fixes #1083 - testcurl.1: fix the URL to the autobuild summary - testcurl.1: update URLs - INSTALL: converted to markdown => INSTALL.md Also heavily edited for content. Removed lots of old cruft that we added like 10+ years ago that is likely incorrect by now. Also removed INSTALL.devcpp for same reason. - [Martin Storsjo brought this change] configure: Check for other variants of the -m*os*-version-min flags In addition to -miphoneos-version-min, the same version can be set using -mios-version-min. And for WatchOS and TvOS, there's -mwatchos-version-min and -mtvos-version-min. - configure: set min version flags for builds on mac This helps building binaries that can work on multiple macOS versions. Help-by: Martin Storsjö Fixes #1069 - curl_multi_add_handle: set timeouts in closure handles The closure handle only ever has default timeouts set. To improve the state somewhat we clone the timeouts from each added handle so that the closure handle always has the same timeouts as the most recently added easy handle. Fixes #739 - configure/CURL_CHECK_FUNC_POLL: disable poll completely on mac ... so that the same libcurl build easier can run on any version. Follow-up to issue #1057 - RELEASE-NOTES: synced with f36f8c14551efc6772 - test14xx: fixed --libcurl output tests again after 8e8afa82cbb - s/cURL/curl The tool was never called cURL, only the project. But even so, we have more and more over time switched to just use lower case. - polarssl: indented code, removed unused variables - polarssl: reduce #ifdef madness with a macro - polarssl: fix unaligned SSL session-id lock - Curl_polarsslthreadlock_thread_setup: clear array at init ... since if it fails to init the entire array and then tries to clean it up, it would attempt to work on an uninitialized pointer. - curl: set INTERLEAVEDATA too As otherwise the callback could be called with a NULL pointer when RTSP data is provided. - gopher: properly return error for poll failures - select: switch to macros in uppercase Curl_select_ready() was the former API that was replaced with Curl_select_check() a while back and the former arg setup was provided with a define (in order to leave existing code unmodified). Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most common shortcuts where only one socket is checked. They're also more visibly macros. - select: use more proper macro-looking names ... so that it becomes more obvious in the code what is what. Also added a typecast for one of the calculations. - Curl_socket_check: add extra check to avoid integer overflow - maketgz: make it support "only" generating version info ... to allow you to update the local repository with the given version number data. Jay Satiro (17 Oct 2016) - url: skip to-be-closed connections when pipelining (follow-up) - Change back behavior so that pipelining is considered possible for connections that have not yet reached the protocol level. This is a follow-up to e5f0b1a which had changed the behavior of checking if pipelining is possible to ignore connections that had 'bits.close' set. Connections that have not yet reached the protocol level also have that bit set, and we need to consider pipelining possible on those connections. Daniel Stenberg (17 Oct 2016) - HTTP2: mention the tool's limited support - RELEASE-NOTES: synced with a1a5cd04877fd6fd - [David Woodhouse brought this change] curl: do not set CURLOPT_SSLENGINEDEFAULT automatically There were bugs in the PKCS#11 engine, and fixing them triggers bugs in OpenSSL. Just don't get involved; there's no need to be making the engine methods the default anyway. https://github.com/OpenSC/libp11/pull/108 https://github.com/openssl/openssl/pull/1639 Merges #1042 - KNOWN_BUGS: two more existing problems Marcel Raad (16 Oct 2016) - win: fix Universal Windows Platform build This fixes a merge error in commit 7f3df80 caused by commit 332e8d6. Additionally, this changes Curl_verify_windows_version for Windows App builds to assume to always be running on the target Windows version. There seems to be no way to determine the Windows version from a UWP app. Neither GetVersion(Ex), nor VerifyVersionInfo, nor the Version Helper functions are supported. Bug: https://github.com/curl/curl/pull/820#issuecomment-250889878 Reported-by: Paul Joyce Closes https://github.com/curl/curl/pull/1048 Daniel Stenberg (16 Oct 2016) - KNOWN_BUGS: minor formatting edit Jay Satiro (14 Oct 2016) - [Rider Linden brought this change] url: skip to-be-closed connections when pipelining No longer attempt to use "doomed" to-be-closed connections when pipelining. Prior to this change connections marked for deletion (e.g. timeout) would be erroneously used, resulting in sporadic crashes. As originally reported and fixed by Carlo Wood (origin unknown). Bug: https://github.com/curl/curl/issues/627 Reported-by: Rider Linden Closes https://github.com/curl/curl/pull/1075 Participation-by: nopjmp@users.noreply.github.com Daniel Stenberg (13 Oct 2016) - vtls: only re-use session-ids using the same scheme To make it harder to do cross-protocol mistakes Jay Satiro (11 Oct 2016) - [Torben Dannhauer brought this change] dist: add missing cmake modules to the tarball Closes https://github.com/curl/curl/pull/1070 Daniel Stenberg (11 Oct 2016) - configure: detect the broken poll() in macOS 10.12 Fixes #1057 - dist: remove PDF and HTML converted docs from the releases - [Remo E brought this change] cmake: add nghttp2 support Closes #922 - [Andreas Streichardt brought this change] resolve: add error message when resolving using SIGALRM Closes #1066 - GIT-INFO: remove the Mac 10.1-specific details There shouldn't be many devs out there anymore using such outdated macOS versions. And it removes the dead link. Closes #1049 - RELEASE-NOTES: spellfix - RELEASE-NOTES: synced with 82720490628cb53a 5 more fixes, 2 more contributors - [Tobias Stoeckmann brought this change] smb: properly check incoming packet boundaries Not all reply messages were properly checked for their lengths, which made it possible to access uninitialized memory (but this does not lead to out of boundary accesses). Closes #1052 - test557: verify printf() with 128 and 129 arguments - mprintf: return error on too many arguments 128 arguments should be enough for everyone - ftp: fix Curl_ftpsendf() ... it no longer takes printf() arguments since it was only really taken advantage by one user and it was not written and used in a safe way. Thus the 'f' is removed from the function name and the proto is changed. Although the current code wouldn't end up in badness, it was a risk that future changes could end up springf()ing too large data or passing in a format string inadvertently. - formpost: avoid silent snprintf() truncation The previous use of snprintf() could make libcurl silently truncate some input data and not report that back on overly large input, which could make data get sent over the network in a bad format. Example: $ curl --form 'a=b' -H "Content-Type: $(perl -e 'print "A"x4100')" - TODO: build: Enable PIE and RELRO by default - TODO: Support better than MD5 hostkey hash (for ssh) - [Daniel Gustafsson brought this change] tests: Fix a small typo in the tests README (#1060) The subdirectory for logs in tests/ is named log/ without an 's' at the end. - TODO: Introduce --fail-fast to exit on first transfer fail See #1054 - TODO: Leave secure cookies alone - [Rainer Müller brought this change] CURLOPT_DEBUGFUNCTION.3: unused argument warning (#1056) The 'userp' argument is unused in this example code. - TODO: TCP Fast Open for windows - RELEASE-NOTES: synced with 8fd2a754f0de - CURLOPT_KEEP_SENDING_ON_ERROR.3: mention when it is added - memdup: use 'void *' as return and source type - TODO: Add easy argument to formpost functions - formpost: trying to attach a directory no longer crashes The error path would previously add a freed entry to the linked list. Reported-by: Toby Peterson Fixes #1053 - [Sergei Kuzmin brought this change] cookies: same domain handling changed to match browser behavior Cokie with the same domain but different tailmatching property are now considered different and do not replace each other. If header contains following lines then two cookies will be set: Set-Cookie: foo=bar; domain=.foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 Set-Cookie: foo=baz; domain=foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 This matches Chrome, Opera, Safari, and Firefox behavior. When sending stored tokens to foo.com Chrome, Opera, Firefox store send them in the stored order, while Safari pre-sort the cookies. Closes #1050 - [Stephen Brokenshire brought this change] FAQ: Fix typos in section 5.14 (#1047) Type required for YourClass::func C++ function (using size_t in line with the documentation for CURLOPT_WRITEFUNCTION) and missing second colon when specifying the static function for CURLOPT_WRITEFUNCTION. - [Sebastian Mundry brought this change] KNOWN_BUGS: Fix typos in section 5.8. Closes #1046 - [mundry brought this change] CONTRIBUTE.md: Fix typo in 'About pull requests' section. (#1045) - curl.1: --trace supports % for sending to stderr! - KNOWN_BUGS: 5.8 configure finding libs in wrong directory Dan Fandrich (24 Sep 2016) - configure: Fixed builds with libssh2 in a custom location A libssh2 library in the standard system location was being used in preference to the desired one while linking. Daniel Stenberg (23 Sep 2016) - SECURITY: remove the top ascii logo Michael Kaufmann (22 Sep 2016) - New libcurl option to keep sending on error Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether sending the request body shall be completed when the server responds early with an error status code. This is suitable for manual NTLM authentication. Reviewed-by: Jay Satiro Closes https://github.com/curl/curl/pull/904 Kamil Dudka (22 Sep 2016) - nss: add chacha20-poly1305 cipher suites if supported by NSS - nss: add cipher suites using SHA384 if supported by NSS - nss: fix typo in ecdhe_rsa_null cipher suite string As it seems to be a rarely used cipher suite (for securely established but _unencrypted_ connections), I believe it is fine not to provide an alias for the misspelled variant. Jay Satiro (21 Sep 2016) - docs: Remove that --proto is just used for initial retrieval .. and add that --proto-redir and CURLOPT_REDIR_PROTOCOLS do not override protocols denied by --proto and CURLOPT_PROTOCOLS. - Add a test to enforce: --proto deny must override --proto-redir allow Closes https://github.com/curl/curl/pull/1031 Daniel Stenberg (21 Sep 2016) - dist: add CurlSymbolHiding.cmake to the tarball Follow-up to 6140dfcf3e784 Reported-by: Alexander Sinditskiy - curl_global_cleanup.3: don't unload the lib with sub threads running Discussed in #997 Assisted-by: Jay Satiro - MAIL-ETIQUETTE: language Jay Satiro (20 Sep 2016) - easy: Reset all statistical session info in curl_easy_reset Bug: https://github.com/curl/curl/issues/1017 Reported-by: Jeroen Ooms Daniel Stenberg (19 Sep 2016) - RELEASE-NOTES: synced with 79607eec51055 Jay Satiro (19 Sep 2016) - [Daniel Gustafsson brought this change] darwinssl: Fix typo in comment Closes https://github.com/curl/curl/pull/1028 Daniel Stenberg (19 Sep 2016) - [Bernard Spil brought this change] libressl: fix version output LibreSSL defines `OPENSSL_VERSION_NUMBER` as `0x20000000L` for all versions returning `LibreSSL/2.0.0` for any LibreSSL version. This change provides a local OpenSSL_version_num function replacement returning LIBRESSL_VERSION_NUMBER instead. Closes #1029 - [rugk brought this change] TODO: Add PINNEDPUBLICKEY - HPKP compatibility, HSTS & HPKP Closes #1025 Closes #1026 Closes #1027 - openssl: don't call ERR_remote_thread_state on >= 1.1.0 Follow-up fix to d9321562 - openssl: don’t call CRYTPO_cleanup_all_ex_data The OpenSSL function CRYTPO_cleanup_all_ex_data() cannot be called multiple times without crashing - and other libs might call it! We basically cannot call it without risking a crash. The function is a no-op since OpenSSL 1.1.0. Not calling this function only risks a small memory leak with OpenSSL < 1.1.0. Bug: https://curl.haxx.se/mail/lib-2016-09/0045.html Reported-by: Todd Short - TODO: Support SSLKEYLOGFILE Jay Satiro (18 Sep 2016) - CURLOPT_PINNEDPUBLICKEY.3: fix the AVAILABILITY formatting Nick Zitzmann (18 Sep 2016) - darwinssl: disable RC4 cipher-suite support RC4 was a nice alternative to CBC back in the days of BEAST, but it's insecure and obsolete now. - configure: change "iOS/Mac OS X native" to "Apple OS native" Since I first wrote that text, Apple introduced tvOS and watchOS, and renamed "Mac OS X" to "macOS." Let's make the text a little more inclusive, since curl can be built for all four operating systems. Jay Satiro (18 Sep 2016) - test2048: fix url - examples/imap-append: Set size of data to be uploaded Prior to this commit this example failed with error 'Cannot APPEND with unknown input file size'. Bug: https://github.com/curl/curl/issues/1008 Reported-by: lukaszgn@users.noreply.github.com Closes https://github.com/curl/curl/pull/1011 Daniel Stenberg (16 Sep 2016) - [Tony Kelman brought this change] LICENSE-MIXING.md: update with mbedTLS dual licensing Recent versions of mbedTLS are available under either Apache 2.0 or GPL 2.0, see https://tls.mbed.org/how-to-get Closes #1019 - KNOWN_BUGS: chunked-encoded requests with HTTP/2 is fixed - http2: debug ouput sent HTTP/2 request headers - http: accept "Transfer-Encoding: chunked" for HTTP/2 as well ... but don't send the actual header over the wire as it isn't accepted. Chunked uploading is still triggered using this method. Fixes #1013 Fixes #662 - openssl: fix per-thread memory leak usiong 1.0.1 or 1.0.2 OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread so we need to clean it when easy handles are freed, in case the thread will be killed in which the easy handle was used. All OpenSSL code in libcurl should extract the error in association with the error already so clearing this queue here should be harmless at worst. Fixes #964 - RELEASE-NOTES: reset and go toward 7.51.0 (again) Version 7.50.3 (14 Sep 2016) Daniel Stenberg (14 Sep 2016) - THANKS: updated with curl 7.50.3 contributors - RELEASE-NOTES: curl 7.50.3 - test1605: verify negative input lengths to (un)escape functions - curl_easy_unescape: deny negative string lengths as input CVE-2016-7167 Bug: https://curl.haxx.se/docs/adv_20160914.html - curl_easy_escape: deny negative string lengths as input CVE-2016-7167 Bug: https://curl.haxx.se/docs/adv_20160914.html - curl: make --create-dirs on windows grok both forward and backward slashes Reported-by: Ryan Scott Fixes #1007 - RELEASE-NOTES: synced with 665694979b6 - [Tony Kelman brought this change] mbedtls: switch off NTLM in build if md4 isn't available NTLM support with mbedTLS was added in 497e7c9 but requires that mbedTLS is built with the MD4 functions available, which it isn't in default builds. This now adapts if the funtion isn't there and builds libcurl without NTLM support if so. Fixes #1004 Jay Satiro (12 Sep 2016) - CODE_STYLE: fix long-line guideline - Change maximum allowed line length from 80 to 79. - CODE_STYLE: add column alignment section Note that since the added examples are for column alignment I had to encapsulate with ~~~c markdown to preserve their alignment. Peter Wu (11 Sep 2016) - cmake: fix curl-config --static-libs The `curl-config --static-libs` command should not output paths like -l/usr/lib/libssl.so, instead print the absolute path without `-l`. This also removes the confusing message "Static linking is broken" which was printed because curl-config --static-libs was disfunctional even though the static libcurl.a library works properly. Fixes https://github.com/curl/curl/issues/841 Daniel Stenberg (11 Sep 2016) - http: refuse to pass on response body with NO_NODY was set ... like when a HTTP/0.9 response comes back without any headers at all and just a body this now prevents that body from being sent to the callback etc. Adapted test 1144 to verify. Fixes #973 Assisted-by: Ray Satiro - RELEASE-NOTES: synced with 257bf3ac67eb6 Jakub Zakrzewski (10 Sep 2016) - CMake: Don't build unit tests if private symbols are hidden This only excludes building unit tests from default build ( 'all' Make target or "Build Solution" in VisualStudio). The projects and Make targets will still be generated and shown in supporting IDEs. Fixes https://github.com/curl/curl/issues/981 Reported-by: Randy Armstrong Closes https://github.com/curl/curl/pull/990 - CMake: Try to (un-)hide private library symbols Detect support for compiler symbol visibility flags and apply those according to CURL_HIDDEN_SYMBOLS option. It should work true to the autotools build except it tries to unhide symbols on Windows when requested and prints warning if it fails. Ref: https://github.com/curl/curl/issues/981#issuecomment-242665951 Reported-by: Daniel Stenberg Daniel Stenberg (9 Sep 2016) - openssl: fix bad memory free (regression) ... by partially reverting f975f06033b1. The allocation could be made by OpenSSL so the free must be made with OPENSSL_free() to avoid problems. Reported-by: Harold Stuart Fixes #1005 - http2: support > 64bit sized uploads ... by making sure we don't count down the "upload left" counter when the uploaded size is unknown and then it can be allowed to continue forever. Fixes #996 Jay Satiro (7 Sep 2016) - errors: new alias CURLE_WEIRD_SERVER_REPLY (8) Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as more of a generic "failed to parse" introduce an alias without FTP in the name. Closes https://github.com/curl/curl/pull/975 Daniel Stenberg (7 Sep 2016) - bump: toward 7.51.0 - HISTORY: remove ascii logo to render nicer on web - curl: whitelist use of strtok() in non-threaded context - checksrc: detect strtok() use ... as that function slipped through once before. GitHub (7 Sep 2016) - [Viktor Szakats brought this change] mk-ca-bundle.pl: use SHA256 instead of SHA1 This hash is used to verify the original downloaded certificate bundle and also included in the generated bundle's comment header. Also rename related internal symbols to algorithm-agnostic names. Version 7.50.2 (7 Sep 2016) Daniel Stenberg (7 Sep 2016) - RELEASE-NOTES: curl 7.50.2 release - THANKS: updated for 7.50.2 Jay Satiro (6 Sep 2016) - [Gaurav Malhotra brought this change] openssl: fix CURLINFO_SSL_VERIFYRESULT CURLINFO_SSL_VERIFYRESULT does not get the certificate verification result when SSL_connect fails because of a certificate verification error. This fix saves the result of SSL_get_verify_result so that it is returned by CURLINFO_SSL_VERIFYRESULT. Closes https://github.com/curl/curl/pull/995 Daniel Stenberg (6 Sep 2016) - [Daniel Gustafsson brought this change] darwinssl: test for errSecSuccess in PKCS12 import rather than noErr (#993) While noErr and errSecSuccess are defined as the same value, the API documentation states that SecPKCS12Import() returns errSecSuccess if there were no errors in importing. Ensure that a future change of the defined value doesn't break (however unlikely) and be consistent with the API docs. - [Daniel Gustafsson brought this change] docs: Fix link to CONTRIBUTE in Github contribution guidelines (#994) - [Marcel Raad brought this change] openssl: Fix compilation with OPENSSL_API_COMPAT=0x10100000L With OPENSSL_API_COMPAT=0x10100000L (OpenSSL 1.1 API), the cleanup functions are unavailable (they're no-ops anyway in OpenSSL 1.1). The replacements for SSL_load_error_strings, SSLeay_add_ssl_algorithms, and OpenSSL_add_all_algorithms are called automatically [1][2]. SSLeay() is now called OpenSSL_version_num(). [1]: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html [2]: https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html Closes #992 - RELEASE-NOTES: synced with 3d4c0c8b9bc1d - http2: return EOF when done uploading without known size Fixes #982 - http2: skip the content-length parsing, detect unknown size - http2: minor white space edit - http2: use named define instead of magic constant in read callback - [Craig Davison brought this change] configure: make the cpp -P detection not clobber CPPFLAGS CPPPFLAGS is now CPPPFLAG. Fixes CURL_CHECK_DEF. Fixes #958 - [Olivier Brunel brought this change] speed caps: not based on average speeds anymore Speed limits (from CURLOPT_MAX_RECV_SPEED_LARGE & CURLOPT_MAX_SEND_SPEED_LARGE) were applied simply by comparing limits with the cumulative average speed of the entire transfer; While this might work at times with good/constant connections, in other cases it can result to the limits simply being "ignored" for more than "short bursts" (as told in man page). Consider a download that goes on much slower than the limit for some time (because bandwidth is used elsewhere, server is slow, whatever the reason), then once things get better, curl would simply ignore the limit up until the average speed (since the beginning of the transfer) reached the limit. This could prove the limit useless to effectively avoid using the entire bandwidth (at least for quite some time). So instead, we now use a "moving starting point" as reference, and every time at least as much as the limit as been transferred, we can reset this starting point to the current position. This gets a good limiting effect that applies to the "current speed" with instant reactivity (in case of sudden speed burst). Closes #971 - HISTORY.md: the multi socket was put in the wrong year! - [Mark Hamilton brought this change] tool_helpers.c: fix comment typo (#989) - [Mark Hamilton brought this change] libtest/test.h: fix typo (#988) - CURLMOPT_PIPELINING.3: language - CURLMOPT_PIPELINING.3: extended and clarified Especially in regards to the multiplexing part. Steve Holme (31 Aug 2016) - curl_sspi.c: Updated function description comments * Added description to Curl_sspi_free_identity() * Added parameter and return explanations to Curl_sspi_global_init() * Added parameter explaination to Curl_sspi_global_cleanup() - README: Corrected the supported Visual Studio versions Missed from commit 8356022d17. - KNOWN_BUGS: Move the Visual Studio project shortcomings from local README - KNOWN_BUGS: Expand 6.4 to include Kerberos V5 ...and discuss a possible solution. Daniel Stenberg (30 Aug 2016) - connect: fix #ifdefs for debug versions of conn/streamclose() macros CURLDEBUG is for the memory debugging DEBUGBUILD is for the extra debug stuff Pointed-out-by: Steve Holme - KNOWN_BUGS: mention some cmake "support gaps" Nick Zitzmann (28 Aug 2016) - darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead. Daniel Stenberg (28 Aug 2016) - http2: return CURLE_HTTP2_STREAM for unexpected stream close Follow-up to c3e906e9cd0f, seems like a more appropriate error code Suggested-by: Jay Satiro - [Tatsuhiro Tsujikawa brought this change] http2: handle closed streams when uploading Fixes #986 - http2: make sure stream errors don't needlessly close the connection With HTTP/2 each transfer is made in an indivial logical stream over the connection, making most previous errors that caused the connection to get forced-closed now instead just kill the stream and not the connection. Fixes #941 - Curl_verify_windows_version: minor edit to avoid compiler warnings ... instead of if() before the switch(), add a default to the switch so that the compilers don't warn on "warning: enumeration value 'PLATFORM_DONT_CARE' not handled in switch" anymore. Steve Holme (27 Aug 2016) - RELEASE-NOTES: Added missing fix from commit 15592143f Jay Satiro (26 Aug 2016) - schannel: Disable ALPN for Wine since it is causing problems - Disable ALPN on Wine. - Don't pass input secbuffer when ALPN is disabled. When ALPN support was added a change was made to pass an input secbuffer to initialize the context. When ALPN is enabled the buffer contains the ALPN information, and when it's disabled the buffer is empty. In either case this input buffer caused problems with Wine and connections would not complete. Bug: https://github.com/curl/curl/issues/983 Reported-by: Christian Fillion Kamil Dudka (26 Aug 2016) - [Peter Wang brought this change] nss: work around race condition in PK11_FindSlotByName() Serialise the call to PK11_FindSlotByName() to avoid spurious errors in a multi-threaded environment. The underlying cause is a race condition in nssSlot_IsTokenPresent(). Bug: https://bugzilla.mozilla.org/1297397 Closes #985 - nss: refuse previously loaded certificate from file ... when we are not asked to use a certificate from file Daniel Stenberg (26 Aug 2016) - ftp_done: remove dead code - TLS: random file/egd doesn't have to match for conn reuse - test161: add comment for the exit code Dan Fandrich (26 Aug 2016) - test219: Add http as a required feature Daniel Stenberg (25 Aug 2016) - [Michael Kaufmann brought this change] HTTP: stop parsing headers when switching to unknown protocols - unknown protocols probably won't send more headers (e.g. WebSocket) - improved comments and moved them to the correct case statements Closes #899 - openssl: make build with 1.1.0 again synced with OpenSSL git master commit cc06906707 - INTERNALS: fix title - configure: detect zlib with our pkg-config macros ... instead of relying on the pkg-config autoconf macros to be present. Fixes #972 (again...) Jay Satiro (25 Aug 2016) - http2: Remove incorrect comments .. also remove same from scp Daniel Stenberg (23 Aug 2016) - [Ales Novak brought this change] ftp: fix wrong poll on the secondary socket When we're uploading using FTP and the server issues a tiny pause between opening the connection to the client's secondary socket, the client's initial poll() times out, which leads to second poll() which does not wait for POLLIN on the secondary socket. So that poll() also has to time out, creating a long (200ms) pause. This patch adds the correct flag to the secondary socket, making the second poll() correctly wait for the connection there too. Signed-off-by: Ales Novak <alnovak@suse.cz> Closes #978 - RELEASE-NOTES: synced with 95ded2c56 - configure: make it work without PKG_CHECK_MODULES With commit c2f9b78 we added a new dependency on pkg-config for developers which may be unwanted. This change make the configure script still work as before if pkg-config isn't installed, it'll just use the old zlib detection logic without pkg-config. Reported-by: Marc Hörsken Fixes #972 Marc Hoersken (21 Aug 2016) - Revert "KNOWN_BUGS: SOCKS proxy not working via IPv6" This reverts commit 9cb1059f92286a6eb5d28c477fdd3f26aed1d554. As discussed in #835 SOCKS5 supports IPv6 proxies and destinations. Daniel Stenberg (21 Aug 2016) - [Marco Deckel brought this change] win: Basic support for Universal Windows Platform apps Closes #820 Steve Holme (21 Aug 2016) - sasl: Don't use GSSAPI authentication when domain name not specified Only choose the GSSAPI authentication mechanism when the user name contains a Windows domain name or the user is a valid UPN. Fixes #718 - vauth: Added check for supported SSPI based authentication mechanisms Completing commit 00417fd66c and 2708d4259b. - http.c: Remove duplicate (authp->avail & CURLAUTH_DIGEST) check From commit 2708d4259b. Marc Hoersken (20 Aug 2016) - socks.c: display the hostname returned by the SOCKS5 proxy server Instead of displaying the requested hostname the one returned by the SOCKS5 proxy server is used in case of connection error. The requested hostname is displayed earlier in the connection sequence. The upper-value of the port is moved to a temporary variable and replaced with a 0-byte to make sure the hostname is 0-terminated. Steve Holme (20 Aug 2016) - urldata.h: Corrected comment for httpcode which is also populated by SMTP As of 7.25.0 and commit 5430007222. Marc Hoersken (20 Aug 2016) - socks.c: use Curl_printable_address in SOCKS5 connection sequence Replace custom string formatting with Curl_printable_address. Add additional debug and error output in case of failures. - socks.c: align SOCKS4 connection sequence with SOCKS5 Calling sscanf is not required since the raw IPv4 address is available and the protocol can be detected using ai_family. Steve Holme (20 Aug 2016) - http.c: Corrected indentation change from commit 2708d4259b Made by Visual Studio's auto-correct feature and missed by me in my own code reviews! - http: Added calls to Curl_auth_is_<mechansism>_supported() Hooked up the HTTP authentication layer to query the new 'is mechanism supported' functions when deciding what mechanism to use. As per commit 00417fd66c existing functionality is maintained for now. Marc Hoersken (20 Aug 2016) - socks.c: improve verbose output of SOCKS5 connection sequence - configure.ac: add missing quotes to PKG_CHECK_MODULES Steve Holme (20 Aug 2016) - sasl: Added calls to Curl_auth_is_<mechansism>_supported() Hooked up the SASL authentication layer to query the new 'is mechanism supported' functions when deciding what mechanism to use. For now existing functionality is maintained. Daniel Stenberg (19 Aug 2016) - [Miroslav Franc brought this change] spnego_sspi: fix memory leak in case *outlen is zero (#970) - CURLMOPT_MAX_TOTAL_CONNECTIONS.3: mention it can also multiplex Steve Holme (18 Aug 2016) - vauth: Introduced Curl_auth_is_<mechansism>_supported() functions As Windows SSPI authentication calls fail when a particular mechanism isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5 and Negotiate to allow both HTTP and SASL authentication the opportunity to query support for a supported mechanism before selecting it. For now each function returns TRUE to maintain compatability with the existing code when called. Daniel Stenberg (18 Aug 2016) - test1144: verify HEAD with body-only response Steve Holme (17 Aug 2016) - RELEASE-PROCEDURE: Added some more future release dates ...and removed some old ones Daniel Stenberg (17 Aug 2016) - [David Woodhouse brought this change] curl: allow "pkcs11:" prefix for client certificates RFC7512 provides a standard method to reference certificates in PKCS#11 tokens, by means of a URI starting 'pkcs11:'. We're working on fixing various applications so that whenever they would have been able to use certificates from a file, users can simply insert a PKCS#11 URI instead and expect it to work. This expectation is now a part of the Fedora packaging guidelines, for example. This doesn't work with cURL because of the way that the colon is used to separate the certificate argument from the passphrase. So instead of curl -E 'pkcs11:manufacturer=piv_II;id=%01' … I instead need to invoke cURL with the colon escaped, like this: curl -E 'pkcs11\:manufacturer=piv_II;id=%01' … This is suboptimal because we want *consistency* — the URI should be usable in place of a filename anywhere, without having strange differences for different applications. This patch therefore disables the processing in parse_cert_parameter() when the string starts with 'pkcs11:'. It means you can't pass a passphrase with an unescaped PKCS#11 URI, but there's no need to do so because RFC7512 allows a PIN to be given as a 'pin-value' attribute in the URI itself. Also, if users are already using RFC7512 URIs with the colon escaped as in the above example — even providing a passphrase for cURL to handling instead of using a pin-value attribute, that will continue to work because their string will start 'pkcs11\:' and won't match the check. What *does* break with this patch is the extremely unlikely case that a user has a file which is in the local directory and literally named just "pkcs11", and they have a passphrase on it. If that ever happened, the user would need to refer to it as './pkcs11:<passphrase>' instead. - nss: make the global variables static - openssl: use regular malloc instead of OPENSSL_malloc This allows for better memmory debugging and torture tests. - proxy: fix tests as follow-up to 93b0d907d5 This fixes tests that were added after 113f04e664b as the tests would fail otherwise. We bring back "Proxy-Connection: Keep-Alive" now unconditionally to fix regressions with old and stupid proxies, but we could possibly switch to using it only for CONNECT or only for NTLM in a future if we want to gradually reduce it. Fixes #954 Reported-by: János Fekete - Revert "Proxy-Connection: stop sending this header by default" This reverts commit 113f04e664b16b944e64498a73a4dab990fe9a68. - CURLOPT_PROXY.3: unsupported schemes cause errors now Follow-up to a96319ebb9 (document the new behavior) - tests/README: mention nghttpx for HTTP/2 tests - README.md: add our CII Best Practices badge - proxy: polished the error message for unsupported schemes Follow up to a96319ebb93 - test219: verify unsupported scheme for proxies get rejected - proxy: reject attempts to use unsupported proxy schemes I discovered some people have been using "https://example.com" style strings as proxy and it "works" (curl doesn't complain) because curl ignores unknown schemes and then assumes plain HTTP instead. I think this misleads users into believing curl uses HTTPS to proxies when it doesn't. Now curl rejects proxy strings using unsupported schemes instead of just ignoring and defaulting to HTTP. - RELEASE-NOTES: synced with b7ee5316c2fd5b Marc Hoersken (14 Aug 2016) - socks.c: Correctly calculate position of port in response packet Third commit to fix issue #944 regarding SOCKS5 error handling. Reported-by: David Kalnischkies - socks.c: Do not modify and invalidate calculated response length Second commit to fix issue #944 regarding SOCKS5 error handling. Reported-by: David Kalnischkies - socks.c: Move error output after reading the whole response packet First commit to fix issue #944 regarding SOCKS5 error handling. Reported-by: David Kalnischkies Daniel Stenberg (13 Aug 2016) - [Ronnie Mose brought this change] MANUAL: Remove invalid link to LDAP documentation (#962) The server developer.netscape.com does not resolve into any ip address and can be removed. Jay Satiro (13 Aug 2016) - openssl: accept subjectAltName iPAddress if no dNSName match Undo change introduced in d4643d6 which caused iPAddress match to be ignored if dNSName was present but did not match. Also, if iPAddress is present but does not match, and dNSName is not present, fail as no-match. Prior to this change in such a case the CN would be checked for a match. Bug: https://github.com/curl/curl/issues/959 Reported-by: wmsch@users.noreply.github.com Daniel Stenberg (12 Aug 2016) - [Dambaev Alexander brought this change] configure.ac: add zlib search with pkg-config Closes #956 - rtsp: ignore whitespace in session id Follow-up to e577c43bb to fix test case 569 brekage: stop the parser at whitespace as well. Help-by: Erik Janssen - HTTP: retry failed HEAD requests too Mark's new document about HTTP Retries (https://mnot.github.io/I-D/httpbis-retry/) made me check our code and I spotted that we don't retry failed HEAD requests which seems totally inconsistent and I can't see any reason for that separate treatment. So, no separate treatment for HEAD starting now. A HTTP request sent over a reused connection that gets cut off before a single byte is received will be retried on a fresh connection. Made-aware-by: Mark Nottingham - mk-ca-bundle.1: document -m, added in 1.26 - RELEASE-NOTES: synced with e577c43bb5 - [Erik Janssen brought this change] rtsp: accept any RTSP session id Makes libcurl work in communication with gstreamer-based RTSP servers. The original code validates the session id to be in accordance with the RFC. I think it is better not to do that: - For curl the actual content is a don't care. - The clarity of the RFC is debatable, is $ allowed or only as \$, that is imho not clear - Gstreamer seems to url-encode the session id but % is not allowed by the RFC - less code With this patch curl will correctly handle real-life lines like: Session: biTN4Kc.8%2B1w-AF.; timeout=60 Bug: https://curl.haxx.se/mail/lib-2016-08/0076.html - symbols-in-versions: add CURL_STRICTER Added in 5fce88aa8c12564 - [Simon Warta brought this change] winbuild: Allow changing C compiler via environment variable CC (#952) This makes it possible to use specific compilers or a cache. Sample use for clcache: set CC=clcache.bat nmake /f Makefile.vc DEBUG=no MODE=static VC=14 GEN_PDB=no - LICENSE-MIXING.md: switched to markdown - docs-make: have markdown files use .md - curl.h: make CURL_NO_OLDIES define CURL_STRICTER - HISTORY.md: use markdown extension - SSLCERTS.md: renamed to markdown extension - INTERNALS.md: use markdown extension for markdown content - CONTRIBUTE.md: markdown extension - CONTRIBUTE: changed to markdown - CONTRIBUTE: refreshed - TODO: added an SSH section and two SFTP things to do - TODO: remove the 1.22 duplicated item - TODO: move "CURLOPT_MAIL_CLIENT" to SMTP section - TODO: API for URL parsing/splitting - TODO: move QUIC to the HTTP section - [Simon Warta brought this change] winbuild: Free name $(CC) in Makefile (#950) In the old line number 290, CC and CURL_CC had the same value. After that, /DCURL_STATICLIB was added to CC but not CURL_CC (intended?). This gets rid of the CC variable entirely. It is a first step to make it possible to manualyl set a CC variable in order to be able to change the compiler. - TODO: Use huge HTTP/2 windows - [Simon Warta brought this change] winbuild: Avoid setting redundant CFLAGS to compile commands (#949) $(CURL_CC) is always used with $(CURL_CFLAGS) appended, so before this, all arguments in CURL_CFLAGS have been added twice. Jay Satiro (8 Aug 2016) - cmake: Enable win32 threaded resolver by default - Turn on USE_THREADS_WIN32 in Windows if ares isn't on This change is similar to what we already do in the autotools build. - cmake: Enable win32 large file support by default All compilers used by cmake in Windows should support large files. - Add test SIZEOF_OFF_T - Remove outdated test SIZEOF_CURL_OFF_T - Turn on USE_WIN32_LARGE_FILES in Windows - Check for 'Largefile' during the features output Daniel Stenberg (7 Aug 2016) - TODO: added several ideas, removed SPDY - http2: always wait for readable socket Since the server can at any time send a HTTP/2 frame to us, we need to wait for the socket to be readable during all transfers so that we can act on incoming frames even when uploading etc. Reminded-by: Tatsuhiro Tsujikawa - RELEASE-NOTES: synced with 7b4bf37a44791 - [Thomas Glanzmann brought this change] mbedtls: set debug threshold to 4 (verbose) when MBEDTLS_DEBUG is defined In order to make MBEDTLS_DEBUG work, the debug threshold must be unequal to 0. This patch also adds a comment how mbedtls must be compiled in order to make debugging work, and explains the possible debug levels. - CURLOPT_TCP_NODELAY: now enabled by default After a few wasted hours hunting down the reason for slowness during a TLS handshake that turned out to be because of TCP_NODELAY not being set, I think we have enough motivation to toggle the default for this option. We now enable TCP_NODELAY by default and allow applications to switch it off. This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be used to disable it. Thanks-to: Tim Rühsen Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html - [Serj Kalichev brought this change] TFTP: Fix upload problem with piped input When input stream for curl is stdin and input stream is not a file but generated by a script then curl can truncate data transfer to arbitrary size since a partial packet is treated as end of transfer by TFTP. Fixes #857 - mk-ca-bundle.pl: -m keeps ca cert meta data in output Makes the script pass on comments holding meta data to the output file. Like fingerprinters, issuer, date ranges etc. Closes #937 - multi: make Curl_expire() work with 0 ms timeouts Previously, passing a timeout of zero to Curl_expire() was a magic code for clearing all timeouts for the handle. That is now instead made with the new Curl_expire_clear() function and thus a 0 timeout is fine to set and will trigger a timeout ASAP. This will help removing short delays, in particular notable when doing HTTP/2. - transfer: return without select when the read loop reached maxcount Regression added in 790d6de48515. The was then added to avoid one particular transfer to starve out others. But when aborting due to reading the maxcount, the connection must be marked to be read from again without first doing a select as for some protocols (like SFTP/SCP) the data may already have been read off the socket. Reported-by: Dan Donahue Bug: https://curl.haxx.se/mail/lib-2016-07/0057.html Steve Holme (3 Aug 2016) - [Bill Nagel brought this change] mbedtls: Added support for NTLM Daniel Stenberg (3 Aug 2016) - [Sergei Nikulov brought this change] travis: removed option to rebuild autotool from source Fixes #943 - bump: start working toward 7.50.2 Version 7.50.1 (3 Aug 2016) Daniel Stenberg (3 Aug 2016) - THANKS: 7 new contributors from the 7.50.1 release - RELEASE-NOTES: 7.50.1 - TLS: only reuse connections with the same client cert CVE-2016-5420 Bug: https://curl.haxx.se/docs/adv_20160803B.html - TLS: switch off SSL session id when client cert is used CVE-2016-5419 Bug: https://curl.haxx.se/docs/adv_20160803A.html Reported-by: Bru Rom Contributions-by: Eric Rescorla and Ray Satiro - curl_multi_cleanup: clear connection pointer for easy handles CVE-2016-5421 Bug: https://curl.haxx.se/docs/adv_20160803C.html Reported-by: Marcelo Echeverria and Fernando Muñoz - KNOWN_BUGS: SOCKS proxy not working via IPv6 Closes #835 - KNOWN_BUGS: CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM Closes #768 - KNOWN_BUGS: transfer-encoding: chunked in HTTP/2 Closes #662 - TODO: Provide cmake config-file Closes #885 Patrick Monnerat (2 Aug 2016) - os400: define BUILDING_LIBCURL in make script. Daniel Stenberg (1 Aug 2016) - RELEASE-NOTES: synced with aa9f536a18b Jay Satiro (1 Aug 2016) - [Thomas Glanzmann brought this change] mbedtls: Fix debug function name This patch is necessary so that curl compiles if MBEDTLS_DEBUG is defined. Bug: https://curl.haxx.se/mail/lib-2016-08/0001.html Daniel Stenberg (1 Aug 2016) - [Sergei Nikulov brought this change] travis: fix OSX build by re-installing libtool Apparently due to a broken homebrew install fixes #934 Closes #939 - [Martin Vejnár brought this change] win32: fix a potential memory leak in Curl_load_library If a call to GetSystemDirectory fails, the `path` pointer that was previously allocated would be leaked. This makes sure that `path` is always freed. Closes #938 - include: revert 9adf3c4 and make public types void * again Many applications assume the actual contents of the public types and use that do for example forward declarations (saving them from including our public header) which then breaks when we switch from void * to a struct *. I'm not convinced we were wrong, but since this practise seems widespread enough I'm willing to (partly) step down. Now libcurl uses the struct itself when it is built and it allows applications to use the struct type if CURL_STRICTER is defined at the time of the #include. Reported-by: Peter Frühberger Fixes #926 Jay Satiro (28 Jul 2016) - [Yonggang Luo brought this change] cmake: Fix for schannel support The check_library_exists_concat do not check crypt32 library properly. So include it directly. Bug: https://github.com/curl/curl/pull/917 Reported-by: Yonggang Luo Bug: https://github.com/curl/curl/issues/935 Reported-by: Alain Danteny - Revert "travis: Install libtool for OS X builds" Didn't work. This reverts commit 50723585ed380744358de054e2a55dccee65dfd7. - travis: Install libtool for OS X builds CI is failing due to missing libtoolize, so I'm trying this. Daniel Stenberg (26 Jul 2016) - [Viktor Szakats brought this change] TODO: minor typo in last commit merged #931 - TODO: Timeout idle connections from the pool Patrick Monnerat (25 Jul 2016) - os400: minimum supported OS version: V6R1M0. Do not log compilation informational messages. Jay Satiro (24 Jul 2016) - tests: Fix for http/2 feature Bug: https://curl.haxx.se/mail/lib-2016-07/0070.html Reported-by: Paul Howarth Steve Holme (23 Jul 2016) - README: Mention wolfSSL in the 'Dependencies' section - vauth.h: No need to query HAVE_GSSAPI || USE_WINDOWS_SSPI for SPNEGO As SPNEGO is only defined when these pre-processor variables are defined there is no need to query them explicitly. - spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declaration Typo introduced in commit ad5e9bfd5d. Daniel Stenberg (22 Jul 2016) - SECURITY: mention how to get windows-specific CVEs ... and make the distros link a proper link Dan Fandrich (21 Jul 2016) - test558: fix test by stripping file paths from FD lines Kamil Dudka (21 Jul 2016) - tests: distribute the http2-server.pl script, too - docs: distribute the CURLINFO_HTTP_VERSION(3) man page, too Daniel Stenberg (21 Jul 2016) - bump: start working on 7.50.1 Version 7.50.0 (21 Jul 2016) Daniel Stenberg (21 Jul 2016) - RELEASE-NOTES: version 7.50.0 ready - THANKS: 13 new contributors from the 7.50.0 release Jay Satiro (21 Jul 2016) - winbuild: fix embedded manifest option Embedded manifest option didn't work due to typo. Reported-by: Stefan Kanthak - vauth: Fix memleak by freeing credentials if out of memory This is a follow up to the parent commit dcdd4be which fixes one leak but creates another by failing to free the credentials handle if out of memory. Also there's a second location a few lines down where we fail to do same. This commit fixes both of those issues. Daniel Stenberg (20 Jul 2016) - [Saurav Babu brought this change] vauth: Fixed memory leak due to function returning without free This patch allocates memory to "output_token" only when it is required so that memory is not leaked if function returns. - test558: updated after ipv6-check move Follow-up commit to c50980807c5 to make this test pass. Jay Satiro (20 Jul 2016) - connect: disable TFO on Linux when using SSL - Linux TFO + TLS is not implemented yet. Bug: https://github.com/curl/curl/issues/907 Daniel Stenberg (19 Jul 2016) - ROADMAP: QUIC and TLS 1.3 - RELEASE-NOTES: synced with c50980807c5 Jay Satiro (18 Jul 2016) - [Brian Prodoehl brought this change] curl_global_init: Check if IPv6 works - Curl_ipv6works() is not thread-safe until after the first call, so call it once during global init to avoid a possible race condition. Bug: https://github.com/curl/curl/issues/915 PR: https://github.com/curl/curl/pull/918 - [Timothy Polich brought this change] CURLMOPT_SOCKETFUNCTION.3: fix typo Closes https://github.com/curl/curl/pull/914 - [Miroslav Franc brought this change] library: Fix memory leaks found during static analysis Closes https://github.com/curl/curl/pull/913 - [Viktor Szakats brought this change] cookie.c: Fix misleading indentation Closes https://github.com/curl/curl/pull/911 - FAQ: Update FTP directory listing section for MLSD command Explain how some FTP servers support the machine readable listing format MLSD from RFC 3659 and compare it to LIST. Ref: https://github.com/curl/curl/issues/906 Daniel Stenberg (1 Jul 2016) - [Sergei Nikulov brought this change] Appveyor: Updates for options - CURL_STATICLIB/BUILD_TESTING Closes #892 - TODO: 17.4 also brings more HTTP/2 support - TODO: try next proxy if one doesn't work Closes #896 - conn: don't free easy handle data in handler->disconnect Reported-by: Gou Lingfeng Bug: https://curl.haxx.se/mail/lib-2016-06/0139.html - test1244: test different proxy ports same URL - curl_global_init.3: improved formatting of the flags - curl_global_init.3: expand on the SSL and WIN32 bits purpose Reported-by: Richard Gray Bug: https://curl.haxx.se/mail/lib-2016-06/0136.html - [Michael Kaufmann brought this change] cleanup: minor code cleanup in Curl_http_readwrite_headers() - the expression of an 'if' was always true - a 'while' contained a condition that was always true - use 'if(k->exp100 > EXP100_SEND_DATA)' instead of 'if(k->exp100)' - fixed a typo Closes #889 - SFTP: set a generic error when no SFTP one exists... ... as otherwise we could get a 0 which would count as no error and we'd wrongly continue and could end up segfaulting. Bug: https://curl.haxx.se/mail/lib-2016-06/0052.html Reported-by: 暖和的和暖 - ROADMAP: http2 tests are merged, mention http2 perf - docs/README.md: to render nicer pages on github ... as previously the README.cmake would be picked and put at the bottom of the docs page there and it wasn't very representative! - README.md: change host name for the svg logo rawgit.com asks to use the domain cdn.rawgit.com for production See #900 - [Viktor Szakats brought this change] README.md: use the SVG logo - README.md: logo on top! - KNOWN_BUGS: 3.4 POP3 expects "CRLF.CRLF" eob for some Closes #740 - RELEASE-NOTES: synced with d61c80515aa8 - [Michael Osipov brought this change] acinclude.m4: improve autodetection of CA bundle on FreeBSD The FreeBSD Port security/ca_root_nss installs the Mozilla NSS CA bundle to /usr/local/share/certs/ca-root-nss.crt. Use this bundle in the discovery process. This change also removes the former FreeBSD path that has been obsolete for 8 years since this FreeBSD ports commit: https://svnweb.freebsd.org/ports/head/security/?view=revision&revision=215953 Closes #894 - configure: don't specify .lib for libs on windows Another follow up for crypt32.lib linking with winssl - configure: fix winssl LIBS change typo follow-up from 120bf29e - TODO: "TCP Fast Open" is done, add monitor pool connections - configure: add crypt32.lib for winssl builds Necessary since 6cabd78531f - Makefile.vc: link with crypt32.lib for winssl builds Necessary since 6cabd78531f Fixes #853 - [Joel Depooter brought this change] VC: Add crypt32.lib to Visual Sudio project template files Closes #854 - vc: fix the build for schannel certinfo support Broken since 6cabd785, which adds use of the Curl_extract_certinfo function from the x509asn1.c file. - typedefs: use the full structs in internal code... ... and save the typedef'ed names for headers and external APIs. - internals: rename the SessionHandle struct to Curl_easy - headers: forward declare CURL, CURLM and CURLSH as structs Instead of typedef'ing to void, typedef to their corresponding actual struct names to allow compilers to type-check. Assisted-by: Reinhard Max Jay Satiro (22 Jun 2016) - vtls: Only call add/getsession if session id is enabled Prior to this change we called Curl_ssl_getsessionid and Curl_ssl_addsessionid regardless of whether session ID reusing was enabled. According to comments that is in case session ID reuse was disabled but then later enabled. The old way was not intuitive and probably not something users expected. When a user disables session ID caching I'd guess they don't expect the session ID to be cached anyway in case the caching is later enabled. Daniel Stenberg (22 Jun 2016) - curl.1: the used progress meter suffix is k in lower case Closes #883 - [Sergei Nikulov brought this change] cmake: now using BUILD_TESTING=ON/OFF CMake build now using BUILD_TESTING=ON/OFF (default is OFF) to build tests and enabling CTest integration. Options BUILD_CURL_TESTS and BUILD_DASHBOARD_REPORTS was removed. Closes #882 Reviewed-by: Brad King - [Michael Kaufmann brought this change] cleanup: fix method names in code comments Closes #887 Kamil Dudka (21 Jun 2016) - curl-compilers.m4: improve detection of GCC's -fvisibility= flag Some builds of GCC produce output on both stdout and stderr when --help --verbose is used. The 2>&1 redirection caused them to be arbitrarily interleaved with each other because of stream buffering. Consequently, grep failed to match the fvisibility= string in the mixed output, even though the string was present in GCC's standard output. This led to silently disabling symbol hiding in some builds of curl. Daniel Stenberg (19 Jun 2016) - tests: fix the HTTP/2 tests The HTTP/2 tests brought with commit bf05606ef1f were using the internal name 'http2' for the HTTP/2 server, while in fact that name was already used for the second instance of the HTTP server. This made tests using the second instance (like test 2050) fail after a HTTP/2 test had run. The server is now known as HTTP/2 internally and within the <server> section in test cases. 1700, 1701 and 1702 were updated accordingly. - openssl: use more 'const' to fix build warnings with 1.1.0 branch - curl.1: missed 'T' in the progress unit suffixes - curl.1: mention the unix for the progress meter Patrick Monnerat (16 Jun 2016) - os400: add new definitions to ILE/RPG binding. Daniel Stenberg (16 Jun 2016) - openssl: fix cert check with non-DNS name fields present Regression introduced in 5f5b62635 (released in 7.48.0) Reported-by: Fabian Ruff Fixes #875 Dan Fandrich (16 Jun 2016) - axtls: Use Curl_wait_ms instead of the less-portable usleep - axtls: Fixed compile after compile 31c521b0 - tests: Added HTTP proxy keywords to tests 1141 & 1142 Jay Satiro (15 Jun 2016) - [Sergei Nikulov brought this change] cmake: Fix build with winldap Bug: https://github.com/curl/curl/pull/874 Reported-by: Sergei Nikulov - CURLOPT_POSTFIELDS.3: Clarify what happens when set empty When CURLOPT_POSTFIELDS is set to an empty string libcurl will send a zero-byte POST. Prior to this change it was documented as sending data from the read callback. This also changes the wording of what happens when empty or NULL so that it's hopefully easier to understand for people whose primary language isn't English. Bug: https://github.com/curl/curl/issues/862 Reported-by: Askar Safin - [Michael Wallner brought this change] curl_multi_socket_action.3: Fix rewording - Remove some erroneous text. Closes https://github.com/curl/curl/pull/865 - [Luo Jinghua brought this change] resolve: enable protocol family logic for synthesized IPv6 - Enable protocol family logic for IPv6 resolves even when support for synthesized addresses is enabled. This is a follow up to the parent commit that added support for synthesized IPv6 addresses from IPv4 on iOS/OS X. The protocol family logic needed for IPv6 was inadvertently excluded if support for synthesized addresses was enabled. Bug: https://github.com/curl/curl/issues/863 Ref: https://github.com/curl/curl/pull/866 Ref: https://github.com/curl/curl/pull/867 Daniel Stenberg (7 Jun 2016) - [Luo Jinghua brought this change] resolve: add support for IPv6 DNS64/NAT64 Networks on OS X + iOS Use getaddrinfo() to resolve the IPv4 address literal on iOS/Mac OS X. If the current network interface doesn’t support IPv4, but supports IPv6, NAT64, and DNS64. Closes #866 Fixes #863 - tests: two more HTTP/2 tests 1701 and 1702 - runtests: don't display logs when http2 server fails to start - runtests: make stripfile work on stdout as well ... and have test 1700 use that to strip out the nghttpx server: headers - http2-tests: test1700 is the first real HTTP/2 test It requires that 'nghttpx' is in the PATH, and it will run the tests using nghttpx as a front-end proxy in front of the standard HTTP/1 test server. This uses HTTP/2 over plain TCP. If you like me have nghttpx installed in a custom path, you can run test 1700 like this: $ PATH=$PATH:$HOME/build-nghttp2/bin/ ./runtests.pl 1700 - RELEASE-NOTES: synced with 34855feeb4c299 Steve Holme (6 Jun 2016) - schannel: Disable ALPN on Windows < 8.1 Calling QueryContextAttributes with SECPKG_ATTR_APPLICATION_PROTOCOL fails on Windows < 8.1 so we need to disable ALPN on these OS versions. Inspiration provide by: Daniel Seither Closes #848 Fixes #840 Jay Satiro (5 Jun 2016) - checksrc: Add LoadLibrary to the banned functions list LoadLibrary was supplanted by Curl_load_library for security reasons in 6df916d. - http: Fix HTTP/2 connection reuse - Change the parser to not require a minor version for HTTP/2. HTTP/2 connection reuse broke when we changed from HTTP/2.0 to HTTP/2 in 8243a95 because the parser still expected a minor version. Bug: https://github.com/curl/curl/issues/855 Reported-by: Andrew Robbins, Frank Gevaerts Steve Holme (4 Jun 2016) - connect.c: Fixed compilation warning from commit 332e8d6164 connect.c:952:5: warning: suggest explicit braces to avoid ambiguous 'else' - win32: Used centralised verify windows version function Closes #845 - win32: Added verify windows version functionality - win32: Introduced centralised verify windows version function Kamil Dudka (3 Jun 2016) - tool_urlglob: fix off-by-one error in glob_parse() ... causing SIGSEGV while parsing URL with too many globs. Minimal example: $ curl $(for i in $(seq 101); do printf '{a}'; done) Reported-by: Romain Coltel Bug: https://bugzilla.redhat.com/1340757 Daniel Stenberg (1 Jun 2016) - [Benjamin Kircher brought this change] libcurl-multi.3: fix small typo Closes #850 - [Viktor Szakats brought this change] makefile.m32: add crypt32 for winssl builds Dependency added by 6cabd78 Closes #849 - [Ivan Avdeev brought this change] vtls: fix ssl session cache race condition Sessionid cache management is inseparable from managing individual session lifetimes. E.g. for reference-counted sessions (like those in SChannel and OpenSSL engines) every session addition and removal should be accompanied with refcount increment and decrement respectively. Failing to do so synchronously leads to a race condition that causes symptoms like use-after-free and memory corruption. This commit: - makes existing session cache locking explicit, thus allowing individual engines to manage lock's scope. - fixes OpenSSL and SChannel engines by putting refcount management inside this lock's scope in relevant places. - adds these explicit locking calls to other engines that use sessionid cache to accommodate for this change. Note, however, that it is unknown whether any of these engines could also have this race. Bug: https://github.com/curl/curl/issues/815 Fixes #815 Closes #847 - [Andrew Kurushin brought this change] schannel: add CURLOPT_CERTINFO support Closes #822 - RELEASE-NOTES: synced with 142ee9fa15002315 - openssl: rename the private SSL_strerror ... to make it not look like an OpenSSL function - [Michael Kaufmann brought this change] openssl: Use correct buffer sizes for error messages Closes #844 - curl: fix -q [regression] This broke in 7.49.0 with commit e200034425a7625 Fixes #842 - URL parser: allow URLs to use one, two or three slashes Mostly in order to support broken web sites that redirect to broken URLs that are accepted by browsers. Browsers are typically even more leniant than this as the WHATWG URL spec they should allow an _infinite_ amount. I tested 8000 slashes with Firefox and it just worked. Added test case 1141, 1142 and 1143 to verify the new parser. Closes #791 - [Renaud Lehoux brought this change] cmake: Added missing mbedTLS support Closes #837 - [Renaud Lehoux brought this change] mbedtls: removed unused variables Closes #838 - [Frank Gevaerts brought this change] http: add CURLINFO_HTTP_VERSION and %{http_version} Adds access to the effectively used http version to both libcurl and curl. Closes #799 - bump: start the journey toward 7.50.0 - [Marcel Raad brought this change] openssl: fix build with OPENSSL_NO_COMP With OPENSSL_NO_COMP defined, there is no function SSL_COMP_free_compression_methods Closes #836 - [Gisle Vanem brought this change] memdebug: fix MSVC crash with -DMEMDEBUG_LOG_SYNC Fixes #828 - [Jonathan brought this change] README.md: polish Closes #834 - RELEASE-NOTES: fix vuln link Version 7.49.1 (30 May 2016) Daniel Stenberg (30 May 2016) - RELEASE-NOTES: 7.49.1 - [Steve Holme brought this change] loadlibrary: Only load system DLLs from the system directory Inspiration provided by: Daniel Stenberg and Ray Satiro Bug: https://curl.haxx.se/docs/adv_20160530.html Ref: Windows DLL hijacking with curl, CVE-2016-4802 - ssh: fix version number check typo Jay Satiro (29 May 2016) - curl_share_setopt.3: Add min ver needed for ssl session lock Bug: https://github.com/curl/curl/issues/826 Reported-by: Michael Wallner Daniel Stenberg (29 May 2016) - ssh: fix build for libssh2 before 1.2.6 The statvfs functionality was added to libssh2 in that version, so we switch off that functionality when built with older libraries. Fixes #831 - mbedtls: fix includes so snprintf() works Regression from the previous *printf() rearrangements, this file missed to include the correct header to make sure snprintf() works universally. Reported-by: Moti Avrahami Bug: https://curl.haxx.se/mail/lib-2016-05/0196.html Steve Holme (23 May 2016) - checksrc.pl: Added variants of strcat() & strncat() to banned function list Added support for checking the tchar, unicode and mbcs variants of strcat() and strncat() in the banned function list. Daniel Stenberg (23 May 2016) - smtp: minor ident (white space) fixes - THANKS: updated after script fixes Now giving credit properly to github user names, fixed some UTF-8 issues and added names discovered when contrithanks was improved. - THANKS-filter: more name cleanups - contrithanks.sh: exclude existing names case insensitively - contrithanks.sh: use same grep pattern and -a flag as contributors.sh - contributors.sh: better grep pattern, use grep -a - THANKS-filter: fix more names - contrithanks.sh: do the same github fix as contributors.sh from 1577bfa35ba Jay Satiro (23 May 2016) - contributors: Show GitHub username if real name unknown Prior to this change if a GitHub contributor's real name was unknown they would be omitted from the list. Bug: https://github.com/curl/curl/issues/824 Daniel Stenberg (21 May 2016) - RELEASE-NOTES: synced with 3caaeffbe8ded4 Jay Satiro (20 May 2016) - openssl: cleanup must free compression methods - Free compression methods if OpenSSL 1.0.2 to avoid a memory leak. Bug: https://github.com/curl/curl/issues/817 Reported-by: jveazey@users.noreply.github.com Daniel Stenberg (20 May 2016) - [Gisle Vanem brought this change] curl_multibyte: fix compiler error While compiling lib/curl_multibyte.c with '-DUSE_WIN32_IDN' etc. I was getting: f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2054: expected '(' to follow 'CURL_EXTERN' f:\mingw32\src\inet\curl\lib\memdebug.h(38): error C2085: 'curl_domalloc': not in formal parameter list - THANKS-filter: make Jan-E get proper credit - [Jan-E brought this change] winbuild/Makefile.vc: Fix check on SSL, MBEDTLS, WINSSL exclusivity Closes #818 - [Alexander Traud brought this change] libcurl.m4: Avoid obsolete warning Closes #821 Jay Satiro (20 May 2016) - [Michael Kaufmann brought this change] CURLOPT_CONNECT_TO.3: user must not free the list prematurely The connect-to list isn't copied so as long as the handle may be used for a transfer the list must be valid. Bug: https://github.com/curl/curl/pull/819 Reported-by: Michael Kaufmann Daniel Stenberg (19 May 2016) - RELEASE-NOTES: synced with 48114a8634242c - openssl: ERR_remove_thread_state() is deprecated in latest 1.1.0 See OpenSSL commit 21e001747d4a - http2: use HTTP/2 in the HTTP/1.1-alike header ... when generating them, not "2.0" as the protocol is called just HTTP/2 and nothing else. Jay Satiro (19 May 2016) - dist: include curl_multi_socket_all.3 Closes https://github.com/curl/curl/pull/816 Steve Holme (18 May 2016) - bump: Start work on 7.49.1 Daniel Stenberg (18 May 2016) - curlbuild.h.dist: check __LP64__ as well to fix MIPS build The preprocessor check that sets up the 32bit defines for non-configure builds didn't work properly for MIPS systems as __mips__ is defined for both 32bit and 64bit. Now __LP64__ is also checked and indicates 64bit. Reported-by: Tomas Jakobsson Fixes #813 - [Marcel Raad brought this change] schannel: fix compile break with MSVC XP toolset For the Windows XP toolset of Visual C++ 2013/2015, the old Windows SDK 7.1 is used. In this case, _USING_V110_SDK71_ is defined. Closes #812 - dist: include CHECKSRC.md Reported-by: Paul Howarth Bug: https://curl.haxx.se/mail/lib-2016-05/0116.html - test/Makefile.am: include manpage-scan.pl and nroff-scan.pl in dist Reported-by: Ray Satiro Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html Version 7.49.0 (17 May 2016) Daniel Stenberg (17 May 2016) - THANKS: 24 new names from 7.49.0 release notes - RELEASE-NOTES: 7.49.0 - mbedtls/polarssl: set "hostname" unconditionally ...as otherwise the TLS libs will skip the CN/SAN check and just allow connection to any server. curl previously skipped this function when SNI wasn't used or when connecting to an IP address specified host. CVE-2016-3739 Bug: https://curl.haxx.se/docs/adv_20160518A.html Reported-by: Moti Avrahami - [Frank Gevaerts brought this change] CURLOPT_RESOLVE.3: fix typo Closes #811 - docs: CURLOPT_RESOLVE overrides CURLOPT_IPRESOLVE - KNOWN_BUGS: GnuTLS backend skips really long certificate fields Closes #762 - CURLOPT_HTTPPOST.3: the data needs to be around while in use - openssl: get_cert_chain: fix NULL dereference CID 1361815: Explicit null dereferenced (FORWARD_NULL) - openssl: get_cert_chain: avoid NULL dereference CID 1361811: Explicit null dereferenced (FORWARD_NULL) - dprintf_formatf: fix (false?) Coverity warning CID 1024412: Memory - illegal accesses (OVERRUN). Claimed to happen when we run over 'workend' but the condition says <= workend and for all I can see it should be safe. Compensating for the warning by adding a byte margin in the buffer. Also, removed the extra brace level indentation in the code and made it so that 'workend' is only assigned once within the function. - RELEASE-NOTES: synced with 2dcb5adc72d6 - THANKS-filter: fixed Jonathan Cardoso Jay Satiro (15 May 2016) - ftp: fix incorrect out-of-memory code in Curl_pretransfer - Return value type must match function type. s/CURLM_OUT_OF_MEMORY/CURLE_OUT_OF_MEMORY/ Caught by Travis CI Daniel Stenberg (15 May 2016) - ftp wildcard: segfault due to init only in multi_perform The proper FTP wildcard init is now more properly done in Curl_pretransfer() and the corresponding cleanup in Curl_close(). The previous place of init/cleanup code made the internal pointer to be NULL when this feature was used with the multi_socket() API, as it was made within the curl_multi_perform() function. Reported-by: Jonathan Cardoso Machado Fixes #800 Jay Satiro (13 May 2016) - libcurl-tlibcurl-thread: Update OpenSSL links Because the old OpenSSL link now redirects to their master documentation (currently 1.1.0), which does not document the required actions for OpenSSL <= 1.0.2. Daniel Stenberg (13 May 2016) - [Viktor Szakats brought this change] darwinssl.c: fix OS X codename typo in comment - RELEASE-NOTES: synced with 68701e51c1f7 Added 8 bug fixes and 5 more contrbutors - [Jay Satiro brought this change] mprintf: Fix processing of width and prec args Prior to this change a width arg could be erroneously output, and also width and precision args could not be used together without crashing. "%0*d%s", 2, 9, "foo" Before: "092" After: "09foo" "%*.*s", 5, 2, "foo" Before: crash After: " fo" Test 557 is updated to verify this and more - [Michael Kaufmann brought this change] ConnectionExists: follow-up fix for proxy re-use Follow-up commit to 5823179 Closes #648 - [Per Malmberg brought this change] darwinssl: fix certificate verification disable on OS X 10.8 The new way of disabling certificate verification doesn't work on Mountain Lion (OS X 10.8) so we need to use the old way in that version too. I've tested this solution on versions 10.7.5, 10.8, 10.9, 10.10.2 and 10.11. Closes #802 - [Cory Benfield brought this change] http2: Add space between colon and header value curl's representation of HTTP/2 responses involves transforming the response to a format that is similar to HTTP/1.1. Prior to this change, curl would do this by separating header names and values with only a colon, without introducing a space after the colon. While this is technically a valid way to represent a HTTP/1.1 header block, it is much more common to see a space following the colon. This change introduces that space, to ensure that incautious tools are safely able to parse the header block. This also ensures that the difference between the HTTP/1.1 and HTTP/2 response layout is as minimal as possible. Bug: https://github.com/curl/curl/issues/797 Closes #798 Fixes #797 Kamil Dudka (12 May 2016) - openssl: fix compile-time warning in Curl_ossl_check_cxn() ... introduced in curl-7_48_0-293-g2968c83: Error: COMPILER_WARNING: lib/vtls/openssl.c: scope_hint: In function ‘Curl_ossl_check_cxn’ lib/vtls/openssl.c:767:15: warning: conversion to ‘int’ from ‘ssize_t’ may alter its value [-Wconversion] Jay Satiro (11 May 2016) - openssl: stricter connection check function - In the case of recv error, limit returning 'connection still in place' to EINPROGRESS, EAGAIN and EWOULDBLOCK. This is an improvement on the parent commit which changed the openssl connection check to use recv MSG_PEEK instead of SSL_peek. Ref: https://github.com/curl/curl/commit/856baf5#comments Daniel Stenberg (11 May 2016) - [Anders Bakken brought this change] TLS: SSL_peek is not a const operation Calling SSL_peek can cause bytes to be read from the raw socket which in turn can upset the select machinery that determines whether there's data available on the socket. Since Curl_ossl_check_cxn only tries to determine whether the socket is alive and doesn't actually need to see the bytes SSL_peek seems like the wrong function to call. We're able to occasionally reproduce a connect timeout due to this bug. What happens is that Curl doesn't know to call SSL_connect again after the peek happens since data is buffered in the SSL buffer and thus select won't fire for this socket. Closes #795 Jay Satiro (9 May 2016) - [Daniel Stenberg brought this change] TLS: move the ALPN/NPN enable bits to the connection Only protocols that actually have a protocol registered for ALPN and NPN should try to get that negotiated in the TLS handshake. That is only HTTPS (well, http/1.1 and http/2) right now. Previously ALPN and NPN would wrongly be used in all handshakes if libcurl was built with it enabled. Reported-by: Jay Satiro Fixes #789 Daniel Stenberg (8 May 2016) - libcurl-thread.3: openssl 1.1.0 is safe, and so is boringssl - [Antonio Larrosa brought this change] connect: fix invalid "Network is unreachable" errors Sometimes, in systems with both ipv4 and ipv6 addresses but where the network doesn't support ipv6, Curl_is_connected returns an error (intermittently) even if the ipv4 socket connects successfully. This happens because there's a for-loop that iterates on the sockets but the error variable is not resetted when the ipv4 is checked and is ok. This patch fixes this problem by setting error to 0 when checking the second socket and not having a result yet. Fixes #794 Jay Satiro (5 May 2016) - FAQ: refer to thread safety guidelines Daniel Stenberg (3 May 2016) - connections: non-HTTP proxies on different ports aren't reused either Reported-by: Oleg Pudeyev and fuchaoqun Fixes #648 - http: make sure a blank header overrides accept_decoding Reported-by: rcanavan Assisted-by: Isaac Boukris Closes #785 - CHECKSRC.md: clarified, explained the whitelist file - nroff-scan.pl: verify that references are made with \fI - docs: unified man page references to use \fI - TODO: 17.14 --fail without --location should treat 3xx as a failure Closes #727 - RELEASE-NOTES: synced with 7987f5cb14d - [Isaac Boukris brought this change] CURLOPT_ACCEPT_ENCODING.3: Follow-up clarification Mention possible content-length mismatch with sum of bytes reported by write callbacks when auto decoding is enabled. See #785 - test1140: run nroff-scan to verify man pages - nroff-scan.pl: verify the .BR references as well - CURLOPT_CONV_TO_NETWORK_FUNCTION.3: fix bad man page reference - CURLOPT_BUFFERSIZE.3: fix reference to CURLOPT_MAX_RECV_SPEED_LARGE - curl_easy_pause.3: fix man page reference Jay Satiro (1 May 2016) - tool_cb_hdr: Fix --remote-header-name with schemeless URL - Move the existing scheme check from tool_operate. In the case of --remote-header-name we want to parse Content-disposition for a filename, but only if the scheme is http or https. A recent adjustment 0dc4d8e was made to account for schemeless URLs however it's not 100% accurate. To remedy that I've moved the scheme check to the header callback, since at that point the library has already determined the scheme. Bug: https://github.com/curl/curl/issues/760 Reported-by: Kai Noda Daniel Stenberg (1 May 2016) - tls: make setting pinnedkey option fail if not supported to make it obvious to users trying to use the feature with TLS backends not supporting it. Discussed in #781 Reported-by: Travis Burtrum - nroff-scan.pl: verifies nroff pages ... not used by any test yet but can be used stand-alone. - opts: fix broken/bad references - [Michael Kaufmann brought this change] docs: fix bugs in CURLOPT_HTTP_VERSION.3 and CURLOPT_PIPEWAIT.3 Closes #786 - CURLOPT_ACCEPT_ENCODING.3: clarified As discussed in #785 - curl.1: --mail-rcpt can be used multiple times Reported-by: mgendre Closes #784 - [Karlson2k brought this change] tests: Use 'pathhelp' for paths conversions in secureserver.pl Closes #675 - [Karlson2k brought this change] tests: Use 'pathhelp' for paths conversions in sshserver.pl - [Karlson2k brought this change] tests: Use 'pathhelp' for current path in runtests.pl - [Karlson2k brought this change] tests: pathhelp.pm to process paths on Msys/Cygwin - lib: include curl_printf.h as one of the last headers curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743 - memdebug.h: remove inclusion of other headers Mostly because they're not needed, because memdebug.h is always included last of all headers so the others already included the correct ones. But also, starting now we don't want this to accidentally include any system headers, as the header included _before_ this header may add defines and other fun stuff that we won't want used in system includes. - [Jay Satiro brought this change] curl -J: make it work even without http:// scheme on URL It does open up a miniscule risk that one of the other protocols that libcurl could use would send back a Content-Disposition header and then curl would act on it even if not HTTP. A future mitigation for this risk would be to allow the callback to ask libcurl which protocol is being used. Verified with test 1312 Closes #760 - manpage-scan.pl: also verify the command line option docs This script now also scans src/tool_getparam.c, docs/curl.1 and src/tool_help.c and will warn if any of them lists a command line option not mentioned in one of the other places. - curl: show the long option version of -q in the -h list - curl: remove "--socks" as "--socks5" turned 8 In commit 2e42b0a2524 (Jan 2008) we made the option "--socks" deprecated and it has not been documented since. The more explicit socks options (like --socks4 or --socks5) should be used. - curl.1: document the deprecated --ftp-ssl option - curl: remove --http-request It was mentioned as deprecated already in commit ae1912cb0d4 from 1999. It has not been documented in this millennium. - curl: mention --ntlm-wb in -h list - curl: -h output lacked --proxy-header - curl.1: document --ntlm-wb - curl.1: document the long format of -q: --disable - curl.1: mention the deprecated --krb4 option - curl.1: document --ftp-ssl-reqd Even if deprecated, document it so that people will find it as old scripts may still use it. - curl: use --telnet-option as documented The code said "telnet-options" but no documentation ever said so. It worked fine since the code is fine with a unique match of the first part. - getparam: remove support for --ftpport It has been deprecated and undocumented since commit ad5ead8bed7 (Dec 2003). --ftp-port is the proper long option name. - curl: make --disable work as long form of -q To make the aliases list reflect reality. - aliases: remove trailing space from capath string - cmdline parse: only single letter options have single-letter strings ... moved around options so that parsing the code to find all single-letter options easier. Jay Satiro (28 Apr 2016) - CURLINFO_TLS_SSL_PTR.3: Clarify SSL pointer availability Bug: https://curl.haxx.se/mail/lib-2016-04/0126.html Reported-by: Bru Rom Daniel Stenberg (28 Apr 2016) - curl_easy_getinfo.3: remove superfluous blank lines - test1139: verifies libcurl option man page presence - checks that each option has its own man page present - checks that each option is mentioned in its corresponding index man page - curl_easy_getinfo.3: added missing mention of CURLINFO_TLS_SESSION ... although it is deprecated. Jay Satiro (28 Apr 2016) - mbedtls: Fix session resume This also fixes PolarSSL session resume. Prior to this change the TLS session information wasn't properly saved and restored for PolarSSL and mbedTLS. Bug: https://curl.haxx.se/mail/lib-2016-01/0070.html Reported-by: Thomas Glanzmann Bug: https://curl.haxx.se/mail/lib-2016-04/0095.html Reported-by: Moti Avrahami Daniel Stenberg (27 Apr 2016) - RELEASE-NOTES: synced with f4298fcc6d2 - [Michael Kaufmann brought this change] opts: Fix some syntax errors in example code fragments Fixes #779 - openssl: avoid BN_print a NULL bignum OpenSSL 1.1.0-pre seems to return NULL(?) for a whole lot of those numbers so make sure the function handles this. Reported-by: Linus Nordberg - [Marcel Raad brought this change] CONNECT_ONLY: don't close connection on GSS 401/407 reponses Previously, connections were closed immediately before the user had a chance to extract the socket when the proxy required Negotiate authentication. This regression was brought in with the security fix in commit 79b9d5f1a42578f Closes #655 - CURLINFO_TLS_SESSION.3: clarify TLS library support before 7.48.0 - mbedtls.c: silly spellfix of a comment - KNOWN_BUGS: 1.10 Strips trailing dot from host name Closes #716 - test1322: verify stripping of trailing dot from host name While being debated (in #716) and a violation of RFC 7230 section 5.4, this test verifies that the existing functionality works as intended. It strips the dot from the host name and uses the host without dot throughout the internals. - multi: accidentally used resolved host name instead of proxy Regression introduced in 09b5a998 Bug: https://curl.haxx.se/mail/lib-2016-04/0084.html Reported-by: BoBo - symbols-in-versions: added new CURLSSLBACKEND_ symbols - test148: fixed after the --ftp-create-dirs retry change follow-up commit to 3c1e84f569 as it made curl try a little harder - curl.h: clarify curl_sslbackend for openssl clones and renames - [Karlson2k brought this change] url.c: fixed DEBUGASSERT() for WinSock workaround If buffer is allocated, but nothing is received during prereceive stage, than number of processed bytes must be zero. Closes #778 - KNOWN_BUGS: --interface for ipv6 binds to unusable IP address Closes #686 for now. - TODO: 1.17 Add support for IRIs Adding support for IRIs is a mouthful, but is probably interesting at least for areas and countries where the use of such "URLs" are growing popularity. Closes #776 - THANKS-filter: Travis Burtrum - lib1517: checksrc compliance - [moparisthebest brought this change] PolarSSL: Implement public key pinning Patrick Monnerat (22 Apr 2016) - os400: upgrade ILE/RPG binding - curl.h: CURLOPT_CONNECT_TO sets a struct slist *, not a string Daniel Stenberg (22 Apr 2016) - contributors.sh: make --releasenotes implied It got too annoying to type =) - RELEASE-NOTES: synced with 3c1e84f5693d8093 - curl: make --ftp-create-dirs retry on failure The underlying libcurl option used for this feature is CURLOPT_FTP_CREATE_MISSING_DIRS which has the ability to retry the dir creation, but it was never set to do that by the command line tool. Now it does. Bug: https://curl.haxx.se/mail/archive-2016-04/0021.html Reported-by: John Wanghui Help-by: Leif W - [Henrik Gaßmann brought this change] winbuild: add mbedtls support Add WITH_MBEDTLS option. Make WITH_SSL, WITH_MBEDTLS and ENABLE_WINSSL options mutual exclusive. Closes #606 - KNOWN_BUGS: fixed "5.6 Improper use of Autoconf cache variables" As of commit d9f3b365a3 - [Irfan Adilovic brought this change] configure: ac_cv_ -> curl_cv_ for write-only vars These configure vars are modified in a curl-specific way but never evaluated or loaded from cache, even though they are designated as _cv_. We could either implement proper AC_CACHE_CHECKs for them, or remove them completely. Fixes #603 as ac_cv_func_gethostbyname is no longer clobbered, and AC_CHECK_FUNC(gethostbyname...) will no longer spuriously succeed after the first configure run with caching. `ac_cv_func_strcasecmp` is curious, see #770. `eval "ac_cv_func_$func=yes"` can still cause problems as it works in tandem with AC_CHECK_FUNCS and then potentially modifies its result. It would be best to rewrite this test to use a new CURL_CHECK_FUNCS macro, which works the same as AC_CHECK_FUNCS but relies on caching the values of curl_cv_func_* variables, without modifiying ac_cv_func_*. - [Irfan Adilovic brought this change] configure: ac_cv_ -> curl_cv_ for r/w vars These configure vars are modified in a curl-specific way and modified by the configure process, but are never loaded from cache, even though they are designated as _cv_. We should implement proper AC_CACHE_CHECKs for them eventually. - [Irfan Adilovic brought this change] configure: ac_cv_func_clock_gettime -> curl_... This variable must not be cached in its current form, as any cached information will prevent the next configure run from determining the correct LIBS needed for the function. Thus, rename prefix `ac_cv_` to just `curl_`. - [Irfan Adilovic brought this change] configure: ac_cv_ -> curl_cv_ for all cached vars This was automated by: sed -b -i -f <(ack -A1 AC_CACHE_CHECK | \ ack -o 'ac_cv_.*?\b' | \ sort -u | xargs -n1 bash -c \ 'echo "s/$0/curl_cv_${0#ac_cv_}/g"') \ $(git ls-files) This only changed the prefix for 16 variables actually checked with AC_CACHE_CHECK. - openssl: builds with OpenSSL 1.1.0-pre5 The RSA, DSA and DH structs are now opaque and require use of new APIs Fixes #763 Steve Holme (20 Apr 2016) - url.c: Prefer we don't use explicit NULLs in conditions Fixed commit fa5fa65a30 to not use NULLs in if condition. Daniel Stenberg (20 Apr 2016) - [Isaac Boukris brought this change] NTLM: check for NULL pointer before deferencing At ConnectionExists, both check->proxyuser and check->proxypasswd could be NULL, so make sure to check first. Fixes #765 - [Karlson2k brought this change] tests: added test1517 ... for checking ability to receive full HTTP response when POST request is used with slow read callback function. This test checks for bug #657 and verifies the work-around from 72d5e144fbc6. Closes #720 - [Karlson2k brought this change] sendf.c: added ability to call recv() before send() as workaround WinSock destroys recv() buffer if send() is failed. As result - server response may be lost if server sent it while curl is still sending request. This behavior noticeable on HTTP server short replies if libcurl use several send() for request (usually for POST request). To workaround this problem, libcurl use recv() before every send() and keeps received data in intermediate buffer for further processing. Fixes: #657 Closes: #668 Kamil Dudka (19 Apr 2016) - connect: make sure that rc is initialized in singleipconnect() This commit fixes a Clang warning introduced in curl-7_48_0-190-g8f72b13: Error: CLANG_WARNING: lib/connect.c:1120:11: warning: The right operand of '==' is a garbage value 1118| } 1119| 1120|-> if(-1 == rc) 1121| error = SOCKERRNO; 1122| } Daniel Stenberg (19 Apr 2016) - make/checksrc: use $srcdir, not $top_srcdir - src/checksrc.whitelist: removed - tool_operate: switch to inline checksrc ignore - lib/checksrc.whitelist: not needed anymore ... as checksrc now skips comments - vtls.h: remove a space before semicolon ... that the new checksrc detected - darwinssl: removed commented out code - http_chunks: removed checksrc disable ... since checksrc now skips comments - imap: inlined checksrc disable instead of whitelist edit - checksrc: taught to skip comments ... but output non-stripped version of the line, even if that then can make the script identify the wrong position in the line at times. Showing the line stripped (ie without comments) is just too surprising. - opts/Makefile.am: list all docs file one by one ... to make it easier to add lines in patches that won't just break all other patches trying to add lines too. - curl_easy_setopt.3: mention CURLOPT_TCP_FASTOPEN - RELEASE-NOTES: synced with 03de4e4b219 (since we just merged two major features) - [Alessandro Ghedini brought this change] connect: implement TCP Fast Open for Linux Closes #660 - [Alessandro Ghedini brought this change] tool: add --tcp-fastopen option - [Alessandro Ghedini brought this change] connect: implement TCP Fast Open for OS X - [Alessandro Ghedini brought this change] url: add CURLOPT_TCP_FASTOPEN option - checksrc: pass on -D so the whitelists are found correctly - configure: remove check for libresolve 'strncasecmp' was once provided by libresolv (no trailing e) for SunOS, but this check is broken and most likely adds nothing useful. Removing now. Reported-by: Irfan Adilovic Discussed in #770 - scripts/make: use $(EXEEXT) for executables Reported-by: bodop Fixes #771 - includes: avoid duplicate memory callback typdefs even harder - checksrc/makefile.am: use $top_srcdir to find source files ... to properly support out of source tree builds. - RELEASE-NOTES: synced with 26ec93dd6aeba8dfb5 - opts: fix option references missing (section) - [Michael Kaufmann brought this change] news: CURLOPT_CONNECT_TO and --connect-to Makes curl connect to the given host+port instead of the host+port found in the URL. - makefile.vc6: use d suffix on debug object To allow both release and debug builds in parallel. Reported-by: Rod Widdowson Fixes #769 Jay Satiro (12 Apr 2016) - http2: Use size_t type for data drain count Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 - http2: Improve header parsing - Error if a header line is larger than supported. - Warn if cumulative header line length may be larger than supported. - Allow spaces when parsing the path component. - Make sure each header line ends in \r\n. This fixes an out of bounds. - Disallow header continuation lines until we decide what to do. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 - http2: Add Curl_http2_strerror for HTTP/2 error codes Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 - [Tatsuhiro Tsujikawa brought this change] http2: Don't increment drain when one header field is received Sicne we write header field in temporary location, not in the memory that upper layer provides, incrementing drain should not happen. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 - [Tatsuhiro Tsujikawa brought this change] http2: Ensure that http2_handle_stream_close is called This commit ensures that streams which was closed in on_stream_close callback gets passed to http2_handle_stream_close. Previously, this might not happen. To achieve this, we increment drain property to forcibly call recv function for that stream. To more accurately check that we have no pending event before shutting down HTTP/2 session, we sum up drain property into http_conn.drain_total. We only shutdown session if that value is 0. With this commit, when stream was closed before reading response header fields, error code CURLE_HTTP2_STREAM is returned even if HTTP/2 level error is NO_ERROR. This signals the upper layer that stream was closed by error just like TCP connection close in HTTP/1. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 - [Tatsuhiro Tsujikawa brought this change] http2: Process paused data first before tear down http2 session This commit ensures that data from network are processed before HTTP/2 session is terminated. This is achieved by pausing nghttp2 whenever different stream than current easy handle receives data. This commit also fixes the bug that sometimes processing hangs when multiple HTTP/2 streams are multiplexed. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 - [Tatsuhiro Tsujikawa brought this change] http2: Check session closure early in http2_recv Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 - [Tatsuhiro Tsujikawa brought this change] http2: Add handling stream level error Previously, when a stream was closed with other than NGHTTP2_NO_ERROR by RST_STREAM, underlying TCP connection was dropped. This is undesirable since there may be other streams multiplexed and they are very much fine. This change introduce new error code CURLE_HTTP2_STREAM, which indicates stream error that only affects the relevant stream, and connection should be kept open. The existing CURLE_HTTP2 means connection error in general. Ref: https://github.com/curl/curl/issues/659 Ref: https://github.com/curl/curl/pull/663 Daniel Stenberg (11 Apr 2016) - http2: drain the socket better... ... but ignore EAGAIN if the stream has ended so that we don't end up in a loop. This is a follow-up to c8ab613 in order to avoid the problem d261652 was made to fix. Reported-by: Jay Satiro Clues-provided-by: Tatsuhiro Tsujikawa Discussed in #750 - KNOWN_BUGS: added info for "Hangs with PolarSSL" - KNOWN_BUGS: 1.9 HTTP/2 frames while in the connection pool kill reuse Closes #750 - build: include scripts/ in the dist Steve Holme (9 Apr 2016) - CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME As these two options provide identical functionality, the former for SOCK5 proxies and the latter for HTTP proxies, merged the two options together. As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of 7.49.0. - urldata: Use bool for socks5_gssapi_nec as it is a flag This value is set to TRUE or FALSE so should be a bool and not a long. - url: Ternary operator code style changes - CODE_STYLE: Added ternary operator example to 'Space around operators' Following conversation on the libcurl mailing list. - sasl: Fixed compilation errors from commit 9d89a0387 ...when GSS-API or Windows SSPI are not used. - url: Corrected comments following 9d89a0387 - docs: Added clarification following commit 9d89a0387 - Makefile: Fixed echo of checksrc check - checksrc: Fix issue with the autobuilds not picking up the whitelist - checksrc: Added missing vauth and vtls directories - ftp/imap/pop3/smtp: Allow the service name to be overridden Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5 authentication in FTP, IMAP, POP3 and SMTP. - http_negotiate: Calculate service name and proxy service name locally Calculate the service name and proxy service names locally, rather than in url.c which will allow for us to support overriding the service name for other protocols such as FTP, IMAP, POP3 and SMTP. - ROADMAP: Updated following the move of the authentication code Patrick Monnerat (8 Apr 2016) - KNOWN_BUGS: openldap hangs. TODO: binary SASL. Daniel Stenberg (8 Apr 2016) - KNOWN_BUGS: 5.6 Improper use of Autoconf cache variables Closes #603 - KNOWN_BUGS: 11.2 error buffer not set... Closes #544 - KNOWN_BUGS: 11.1 Curl leaks .onion hostnames in DNS Closes #543 - KNOWN_BUGS: 1.8 DNS timing is wrong for HTTP redirects Closes #522 - TODO: HTTP/2 "prior knowledge" is implemented! - [Damien Vielpeau brought this change] mbedtls: fix MBEDTLS_DEBUG builds - mbedtls: implement and provide *_data_pending() ... as otherwise we might get stuck thinking there's no more data to handle. Reported-by: Damien Vielpeau Fixes #737 - mbedtls: follow-up for the previous commit - mbedtls.c: name space pollution fix, Use 'Curl_' - mbedtls.c: changed private prefix to mbed_ mbedtls_ is the prefix used by the mbedTLS library itself so we should avoid using that for our private functions. - mbedtls.h: fix compiler warnings - Revert "winbuild: trying to set some files eol=crlf for git" This reverts commit 9c08b4f1e7eced5a4d3782a3e0daa484c9d77d21. Didn't help. Caused problems. Fixes #756 - curl.1: use example.com more Make (most) example snippets use the example.com domain instead of the random ones picked and used before. Some of those were probably legitimate sites and some not. example.com is designed for this purpose. - [Michael Kaufmann brought this change] HTTP2: Add a space character after the status code The space character after the status code is mandatory, even if the reason phrase is empty (see RFC 7230 section 3.1.2) Closes #755 - [Viktor Szakats brought this change] URLs: change http to https in many places Closes #754 - winbuild: trying to set some files eol=crlf for git Thinking it might help to apply patches etc with git. - [Theodore Dubois brought this change] curl.1: change example for -F It's a bad idea to send your passwords anywhere, especially over HTTP. Modified example to send a picture instead. Fixes #752 - KNOWN_BUGS: reorganized and cleaned up Now sorted into categories and organized in the same style we do the TODO document. It will make each issue linked properly on the https://curl.haxx.se/docs/knownbugs.html web page. The sections should make it easier to find issues and issues related to areas of the reader's specific interest. Jay Satiro (6 Apr 2016) - KNOWN_BUGS: #95 curl in Windows can't handle Unicode arguments Steve Holme (6 Apr 2016) - KNOWN_BUGS: Use https://curl.haxx.se URL for github based issues - CHECKSRC.md: Corrected some typos - RELEASE-NOTES: Corrected last updated Included a summary of the checksrc.bat updates and combined two krb5 changes as they should have been implemented at the same time. - vauth: Corrected a number of typos in comments Reported-by: Michael Osipov Jay Satiro (5 Apr 2016) - KNOWN_BUGS: #94 IMAP custom requests use the LIST handler Bug: https://github.com/curl/curl/issues/536 Reported-by: eXeC64@users.noreply.github.com Daniel Stenberg (5 Apr 2016) - KNOWN_BUGS: remove 68, 70 and 72. Due to their age (we don't fully know if they actually remain) and lack of detail - very few people will bother to find out what they're about or work on them. If people truly still suffer from any of these, I assume they will be reported again and then we'll deal with them. 72. "Pausing pipeline problems." https://curl.haxx.se/mail/lib-2009-07/0214.html 70. Problem re-using easy handle after call to curl_multi_remove_handle https://curl.haxx.se/mail/lib-2009-07/0249.html 68. "More questions about ares behavior". https://curl.haxx.se/mail/lib-2009-08/0012.html - KNOWN_BUGS: remove 92 and 88, fixed - http2: fix connection reuse when PING comes after last DATA It turns out the google GFE HTTP/2 servers send a PING frame immediately after a stream ends and its last DATA has been received by curl. So if we don't drain that from the socket, it makes the socket readable in subsequent checks and libcurl then (wrongly) assumes the connection is dead when trying to reuse the connection. Reported-by: Joonas Kuorilehto Discussed in #750 - multi: remove trailing space in debug output - RELEASE-NOTES: synced with 86e97b642fb - CHECKSRC.md: mention cmdline options, fix the bullet list - docs/CHECKSRC.md: initial version Steve Holme (3 Apr 2016) - checksrc.bat: Added support for the examples Daniel Stenberg (3 Apr 2016) - lib/src: fix the checksrc invoke ... now works correctly when invoke from the root makefile |
Added scriptlibs/softwareupdate/curl/COPYING-libssh2.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 | /* Copyright (c) 2004-2007 Sara Golemon <sarag@libssh2.org> * Copyright (c) 2005,2006 Mikhail Gusarov <dottedmag@dottedmag.net> * Copyright (c) 2006-2007 The Written Word, Inc. * Copyright (c) 2007 Eli Fant <elifantu@mail.ru> * Copyright (c) 2009-2014 Daniel Stenberg * Copyright (C) 2008, 2009 Simon Josefsson * All rights reserved. * * Redistribution and use in source and binary forms, * with or without modification, are permitted provided * that the following conditions are met: * * Redistributions of source code must retain the above * copyright notice, this list of conditions and the * following disclaimer. * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * Neither the name of the copyright holder nor the names * of any other contributors may be used to endorse or * promote products derived from this software without * specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY * OF SUCH DAMAGE. */ |
Added scriptlibs/softwareupdate/curl/COPYING-nghttp2.txt.
> > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | The MIT License Copyright (c) 2012, 2014, 2015, 2016 Tatsuhiro Tsujikawa Copyright (c) 2012, 2014, 2015, 2016 nghttp2 contributors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
Added scriptlibs/softwareupdate/curl/COPYING-zlib.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 | ZLIB DATA COMPRESSION LIBRARY zlib 1.2.11 is a general purpose data compression library. All the code is thread safe. The data format used by the zlib library is described by RFCs (Request for Comments) 1950 to 1952 in the files http://tools.ietf.org/html/rfc1950 (zlib format), rfc1951 (deflate format) and rfc1952 (gzip format). All functions of the compression library are documented in the file zlib.h (volunteer to write man pages welcome, contact zlib@gzip.org). A usage example of the library is given in the file test/example.c which also tests that the library is working correctly. Another example is given in the file test/minigzip.c. The compression library itself is composed of all source files in the root directory. To compile all files and run the test program, follow the instructions given at the top of Makefile.in. In short "./configure; make test", and if that goes well, "make install" should work for most flavors of Unix. For Windows, use one of the special makefiles in win32/ or contrib/vstudio/ . For VMS, use make_vms.com. Questions about zlib should be sent to <zlib@gzip.org>, or to Gilles Vollant <info@winimage.com> for the Windows DLL version. The zlib home page is http://zlib.net/ . Before reporting a problem, please check this site to verify that you have the latest version of zlib; otherwise get the latest version and check whether the problem still exists or not. PLEASE read the zlib FAQ http://zlib.net/zlib_faq.html before asking for help. Mark Nelson <markn@ieee.org> wrote an article about zlib for the Jan. 1997 issue of Dr. Dobb's Journal; a copy of the article is available at http://marknelson.us/1997/01/01/zlib-engine/ . The changes made in version 1.2.11 are documented in the file ChangeLog. Unsupported third party contributions are provided in directory contrib/ . zlib is available in Java using the java.util.zip package, documented at http://java.sun.com/developer/technicalArticles/Programming/compression/ . A Perl interface to zlib written by Paul Marquess <pmqs@cpan.org> is available at CPAN (Comprehensive Perl Archive Network) sites, including http://search.cpan.org/~pmqs/IO-Compress-Zlib/ . A Python interface to zlib written by A.M. Kuchling <amk@amk.ca> is available in Python 1.5 and later versions, see http://docs.python.org/library/zlib.html . zlib is built into tcl: http://wiki.tcl.tk/4610 . An experimental package to read and write files in .zip format, written on top of zlib by Gilles Vollant <info@winimage.com>, is available in the contrib/minizip directory of zlib. Notes for some targets: - For Windows DLL versions, please see win32/DLL_FAQ.txt - For 64-bit Irix, deflate.c must be compiled without any optimization. With -O, one libpng test fails. The test works in 32 bit mode (with the -n32 compiler flag). The compiler bug has been reported to SGI. - zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1 it works when compiled with cc. - On Digital Unix 4.0D (formely OSF/1) on AlphaServer, the cc option -std1 is necessary to get gzprintf working correctly. This is done by configure. - zlib doesn't work on HP-UX 9.05 with some versions of /bin/cc. It works with other compilers. Use "make test" to check your compiler. - gzdopen is not supported on RISCOS or BEOS. - For PalmOs, see http://palmzlib.sourceforge.net/ Acknowledgments: The deflate format used by zlib was defined by Phil Katz. The deflate and zlib specifications were written by L. Peter Deutsch. Thanks to all the people who reported problems and suggested various improvements in zlib; they are too numerous to cite here. Copyright notice: (C) 1995-2017 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Jean-loup Gailly Mark Adler jloup@gzip.org madler@alumni.caltech.edu If you use the zlib library in a product, we would appreciate *not* receiving lengthy legal documents to sign. The sources are provided for free but without warranty of any kind. The library has been entirely written by Jean-loup Gailly and Mark Adler; it does not include third-party code. If you redistribute modified sources, we would appreciate that you include in the file ChangeLog history information documenting your changes. Please read the FAQ for more information on the distribution of modified source versions. |
Added scriptlibs/softwareupdate/curl/COPYING.txt.
> > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | COPYRIGHT AND PERMISSION NOTICE Copyright (c) 1996 - 2017, Daniel Stenberg, <daniel@haxx.se>, and many contributors, see the THANKS file. All rights reserved. Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder. |
Added scriptlibs/softwareupdate/curl/LICENSE-openssl.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 | LICENSE ISSUES ============== The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. OpenSSL License --------------- /* ==================================================================== * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ Original SSLeay License ----------------------- /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * "This product includes cryptographic software written by * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */ |
Added scriptlibs/softwareupdate/curl/README.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| README Curl is a command line tool for transferring data specified with URL syntax. Find out how to use curl by reading the curl.1 man page or the MANUAL document. Find out how to install Curl by reading the INSTALL document. libcurl is the library curl is using to do its job. It is readily available to be used by your software. Read the libcurl.3 man page to learn how! You find answers to the most frequent questions we get in the FAQ document. Study the COPYING file for distribution terms and similar. If you distribute curl binaries or other binaries that involve libcurl, you might enjoy the LICENSE-MIXING document. CONTACT If you have problems, questions, ideas or suggestions, please contact us by posting to a suitable mailing list. See https://curl.haxx.se/mail/ All contributors to the project are listed in the THANKS document. WEB SITE Visit the curl web site for the latest news and downloads: https://curl.haxx.se/ GIT To download the very latest source off the GIT server do this: git clone https://github.com/curl/curl.git (you'll get a directory named curl created, filled with the source code) NOTICE Curl contains pieces of source code that is Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan. This notice is included here to comply with the distribution terms. |
Added scriptlibs/softwareupdate/curl/RELEASE-NOTES.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | Curl and libcurl 7.53.1 Public curl releases: 164 Command line options: 205 curl_easy_setopt() options: 244 Public functions in libcurl: 61 Contributors: 1507 This release includes the following bugfixes: o cyassl: fix typo o url: Improve CURLOPT_PROXY_CAPATH error handling [1] o urldata: include curl_sspi.h when Windows SSPI is enabled [2] o formdata: check for EOF when reading from stdin [3] o tests: Set CHARSET & LANG to UTF-8 in 1035, 2046 and 2047 [4] o url: Default the proxy CA bundle location to CURL_CA_BUNDLE [5] o rand: added missing #ifdef HAVE_FCNTL_H around fcntl.h header [6] This release includes the following known bugs: o see docs/KNOWN_BUGS (https://curl.haxx.se/docs/knownbugs.html) This release would not have looked like this without help, code, reports and advice from friends like these: Dan Fandrich, Daniel Stenberg, İsmail Dönmez, jveazey on github, Ray Satiro, Sergii Pylypenko, Shachaf Ben-Kiki, Viktor Szakáts, (8 contributors) Thanks! (and sorry if I forgot to mention someone) References to bug reports and discussions on issues: [1] = https://curl.haxx.se/bug/?i=1257 [2] = https://curl.haxx.se/bug/?i=1276 [3] = https://curl.haxx.se/bug/?i=1281 [4] = https://curl.haxx.se/bug/?i=1277 [5] = https://curl.haxx.se/bug/?i=1257 [6] = https://curl.haxx.se/bug/?i=1285 |
Added scriptlibs/softwareupdate/curl/bin/curl-ca-bundle.crt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 2213 2214 2215 2216 2217 2218 2219 2220 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 2312 2313 2314 2315 2316 2317 2318 2319 2320 2321 2322 2323 2324 2325 2326 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 2439 2440 2441 2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460 2461 2462 2463 2464 2465 2466 2467 2468 2469 2470 2471 2472 2473 2474 2475 2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2497 2498 2499 2500 2501 2502 2503 2504 2505 2506 2507 2508 2509 2510 2511 2512 2513 2514 2515 2516 2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 2534 2535 2536 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547 2548 2549 2550 2551 2552 2553 2554 2555 2556 2557 2558 2559 2560 2561 2562 2563 2564 2565 2566 2567 2568 2569 2570 2571 2572 2573 2574 2575 2576 2577 2578 2579 2580 2581 2582 2583 2584 2585 2586 2587 2588 2589 2590 2591 2592 2593 2594 2595 2596 2597 2598 2599 2600 2601 2602 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 2617 2618 2619 2620 2621 2622 2623 2624 2625 2626 2627 2628 2629 2630 2631 2632 2633 2634 2635 2636 2637 2638 2639 2640 2641 2642 2643 2644 2645 2646 2647 2648 2649 2650 2651 2652 2653 2654 2655 2656 2657 2658 2659 2660 2661 2662 2663 2664 2665 2666 2667 2668 2669 2670 2671 2672 2673 2674 2675 2676 2677 2678 2679 2680 2681 2682 2683 2684 2685 2686 2687 2688 2689 2690 2691 2692 2693 2694 2695 2696 2697 2698 2699 2700 2701 2702 2703 2704 2705 2706 2707 2708 2709 2710 2711 2712 2713 2714 2715 2716 2717 2718 2719 2720 2721 2722 2723 2724 2725 2726 2727 2728 2729 2730 2731 2732 2733 2734 2735 2736 2737 2738 2739 2740 2741 2742 2743 2744 2745 2746 2747 2748 2749 2750 2751 2752 2753 2754 2755 2756 2757 2758 2759 2760 2761 2762 2763 2764 2765 2766 2767 2768 2769 2770 2771 2772 2773 2774 2775 2776 2777 2778 2779 2780 2781 2782 2783 2784 2785 2786 2787 2788 2789 2790 2791 2792 2793 2794 2795 2796 2797 2798 2799 2800 2801 2802 2803 2804 2805 2806 2807 2808 2809 2810 2811 2812 2813 2814 2815 2816 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863 2864 2865 2866 2867 2868 2869 2870 2871 2872 2873 2874 2875 2876 2877 2878 2879 2880 2881 2882 2883 2884 2885 2886 2887 2888 2889 2890 2891 2892 2893 2894 2895 2896 2897 2898 2899 2900 2901 2902 2903 2904 2905 2906 2907 2908 2909 2910 2911 2912 2913 2914 2915 2916 2917 2918 2919 2920 2921 2922 2923 2924 2925 2926 2927 2928 2929 2930 2931 2932 2933 2934 2935 2936 2937 2938 2939 2940 2941 2942 2943 2944 2945 2946 2947 2948 2949 2950 2951 2952 2953 2954 2955 2956 2957 2958 2959 2960 2961 2962 2963 2964 2965 2966 2967 2968 2969 2970 2971 2972 2973 2974 2975 2976 2977 2978 2979 2980 2981 2982 2983 2984 2985 2986 2987 2988 2989 2990 2991 2992 2993 2994 2995 2996 2997 2998 2999 3000 3001 3002 3003 3004 3005 3006 3007 3008 3009 3010 3011 3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024 3025 3026 3027 3028 3029 3030 3031 3032 3033 3034 3035 3036 3037 3038 3039 3040 3041 3042 3043 3044 3045 3046 3047 3048 3049 3050 3051 3052 3053 3054 3055 3056 3057 3058 3059 3060 3061 3062 3063 3064 3065 3066 3067 3068 3069 3070 3071 3072 3073 3074 3075 3076 3077 3078 3079 3080 3081 3082 3083 3084 3085 3086 3087 3088 3089 3090 3091 3092 3093 3094 3095 3096 3097 3098 3099 3100 3101 3102 3103 3104 3105 3106 3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 3119 3120 3121 3122 3123 3124 3125 3126 3127 3128 3129 3130 3131 3132 3133 3134 3135 3136 3137 3138 3139 3140 3141 3142 3143 3144 3145 3146 3147 3148 3149 3150 3151 3152 3153 3154 3155 3156 3157 3158 3159 3160 3161 3162 3163 3164 3165 3166 3167 3168 3169 3170 3171 3172 3173 3174 3175 3176 3177 3178 3179 3180 3181 3182 3183 3184 3185 3186 3187 3188 3189 3190 3191 3192 3193 3194 3195 3196 3197 3198 3199 3200 3201 3202 3203 3204 3205 3206 3207 3208 3209 3210 3211 3212 3213 3214 3215 3216 3217 3218 3219 3220 3221 3222 3223 3224 3225 3226 3227 3228 3229 3230 3231 3232 3233 3234 3235 3236 3237 3238 3239 3240 3241 3242 3243 3244 3245 3246 3247 3248 3249 3250 3251 3252 3253 3254 3255 3256 3257 3258 3259 3260 3261 3262 3263 3264 3265 3266 3267 3268 3269 3270 3271 3272 3273 3274 3275 3276 3277 3278 3279 3280 3281 3282 3283 3284 3285 3286 3287 3288 3289 3290 3291 3292 3293 3294 3295 3296 3297 3298 3299 3300 3301 3302 3303 3304 3305 3306 3307 3308 3309 3310 3311 3312 3313 3314 3315 3316 3317 3318 3319 3320 3321 3322 3323 3324 3325 3326 3327 3328 3329 3330 3331 3332 3333 3334 3335 3336 3337 3338 3339 3340 3341 3342 3343 3344 3345 3346 3347 3348 3349 3350 3351 3352 3353 3354 3355 3356 3357 3358 3359 3360 3361 3362 3363 3364 3365 3366 3367 3368 3369 3370 3371 3372 3373 3374 3375 3376 3377 3378 3379 3380 3381 3382 3383 3384 3385 3386 3387 3388 3389 3390 3391 3392 3393 3394 3395 3396 3397 3398 3399 3400 3401 3402 3403 3404 3405 3406 3407 3408 3409 3410 3411 3412 3413 3414 3415 3416 3417 3418 3419 3420 3421 3422 3423 3424 3425 3426 3427 3428 3429 3430 3431 3432 3433 3434 3435 3436 3437 3438 3439 3440 3441 3442 3443 3444 3445 3446 3447 3448 3449 3450 3451 3452 3453 3454 3455 3456 3457 3458 3459 3460 3461 3462 3463 3464 3465 3466 3467 3468 3469 3470 3471 3472 3473 3474 3475 3476 3477 3478 3479 3480 3481 3482 3483 3484 3485 3486 3487 3488 3489 3490 3491 3492 3493 3494 3495 3496 3497 3498 3499 3500 3501 3502 3503 3504 3505 3506 3507 3508 3509 3510 3511 3512 3513 3514 3515 3516 3517 3518 3519 3520 3521 3522 3523 3524 3525 3526 3527 3528 3529 3530 3531 3532 3533 3534 3535 3536 3537 3538 3539 3540 3541 3542 3543 3544 3545 3546 3547 3548 3549 3550 3551 3552 3553 3554 3555 3556 3557 3558 3559 3560 3561 3562 3563 3564 3565 3566 3567 3568 3569 3570 3571 3572 3573 3574 3575 3576 3577 3578 3579 3580 3581 3582 3583 3584 3585 3586 3587 3588 3589 3590 3591 3592 3593 3594 3595 3596 3597 3598 3599 3600 3601 3602 3603 3604 3605 3606 3607 3608 3609 3610 3611 3612 3613 3614 3615 3616 3617 3618 3619 3620 3621 3622 3623 3624 3625 3626 3627 3628 3629 3630 3631 3632 3633 3634 3635 3636 3637 3638 3639 3640 3641 3642 3643 3644 3645 3646 3647 3648 3649 3650 3651 3652 3653 3654 3655 3656 3657 3658 3659 3660 3661 3662 3663 3664 3665 3666 3667 3668 3669 3670 3671 3672 3673 3674 3675 3676 3677 3678 3679 3680 3681 3682 3683 3684 3685 3686 3687 3688 3689 3690 3691 3692 3693 3694 3695 3696 3697 3698 3699 3700 3701 3702 3703 3704 3705 3706 3707 3708 3709 3710 3711 3712 3713 3714 3715 3716 3717 3718 3719 3720 3721 3722 3723 3724 3725 3726 3727 3728 3729 3730 3731 3732 3733 3734 3735 3736 3737 3738 3739 3740 3741 3742 3743 3744 3745 3746 3747 3748 3749 3750 3751 3752 3753 3754 3755 3756 3757 3758 3759 3760 3761 3762 3763 3764 3765 3766 3767 3768 3769 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 3802 3803 3804 3805 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 3837 3838 3839 3840 3841 3842 3843 3844 3845 3846 3847 3848 3849 3850 3851 3852 3853 3854 3855 3856 3857 3858 3859 3860 3861 3862 3863 3864 3865 3866 3867 3868 3869 3870 3871 3872 3873 3874 3875 3876 3877 3878 3879 3880 3881 3882 3883 3884 3885 3886 3887 3888 3889 3890 3891 3892 3893 3894 3895 3896 3897 3898 3899 3900 3901 3902 3903 3904 3905 3906 3907 3908 3909 3910 3911 3912 3913 3914 3915 3916 3917 3918 3919 3920 3921 3922 3923 3924 3925 3926 3927 3928 3929 3930 3931 3932 3933 3934 3935 3936 3937 3938 3939 3940 3941 3942 3943 3944 3945 3946 3947 3948 3949 3950 3951 3952 3953 3954 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964 3965 3966 3967 3968 3969 3970 3971 3972 3973 3974 3975 3976 3977 3978 3979 3980 3981 3982 3983 3984 3985 3986 3987 3988 3989 3990 3991 3992 3993 3994 3995 3996 3997 3998 3999 4000 4001 4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 4012 4013 4014 4015 4016 4017 4018 4019 4020 4021 4022 4023 4024 4025 4026 4027 4028 4029 4030 4031 4032 4033 4034 4035 4036 4037 4038 4039 4040 4041 4042 4043 | ## ## Bundle of CA Root Certificates ## ## Certificate data from Mozilla as of: Wed Jan 18 04:12:05 2017 GMT ## ## This is a bundle of X.509 certificates of public Certificate Authorities ## (CA). These were automatically extracted from Mozilla's root certificates ## file (certdata.txt). This file can be found in the mozilla source tree: ## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt ## ## It contains the certificates in PEM format and therefore ## can be directly used with curl / libcurl / php_curl, or with ## an Apache+mod_ssl webserver for SSL client authentication. ## Just configure this file as the SSLCACertificateFile. ## ## Conversion done with mk-ca-bundle.pl version 1.27. ## SHA256: dffa79e6aa993f558e82884abf7bb54bf440ab66ee91d82a27a627f6f2a4ace4 ## GlobalSign Root CA ================== -----BEGIN CERTIFICATE----- MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== -----END CERTIFICATE----- GlobalSign Root CA - R2 ======================= -----BEGIN CERTIFICATE----- MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4GA1UECxMXR2xv YmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh bFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT aWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6 ErPLv4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8eoLrvozp s6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklqtTleiDTsvHgMCJiEbKjN S7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzdC9XZzPnqJworc5HGnRusyMvo4KD0L5CL TfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pazq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6C ygPCm48CAwEAAaOBnDCBmTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E FgQUm+IHV2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i YWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG3lm0mi3f3BmGLjAN BgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4GsJ0/WwbgcQ3izDJr86iw8bmEbTUsp 9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu 01yiPqFbQfXf5WRDLenVOavSot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG7 9G+dwfCMNYxdAfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== -----END CERTIFICATE----- Verisign Class 3 Public Primary Certification Authority - G3 ============================================================ -----BEGIN CERTIFICATE----- MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkg Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMu6nFL8eB8aHm8bN3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1 EUGO+i2tKmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGukxUc cLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBmCC+Vk7+qRy+oRpfw EuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJXwzw3sJ2zq/3avL6QaaiMxTJ5Xpj 055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWuimi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA ERSWwauSCPc/L8my/uRan2Te2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5f j267Cz3qWhMeDGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC /Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565pF4ErWjfJXir0 xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGtTxzhT5yvDwyd93gN2PQ1VoDa t20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== -----END CERTIFICATE----- Entrust.net Premium 2048 Secure Server CA ========================================= -----BEGIN CERTIFICATE----- MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u ZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxp bWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV BAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQx NzUwNTFaFw0yOTA3MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3 d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOL Gp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSr hRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzW nLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUi VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo0IwQDAOBgNVHQ8BAf8E BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJ KoZIhvcNAQEFBQADggEBADubj1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPy T/4xmf3IDExoU8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5bu/8j72gZyxKT J1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+bYQLCIt+jerXmCHG8+c8eS9e nNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/ErfF6adulZkMV8gzURZVE= -----END CERTIFICATE----- Baltimore CyberTrust Root ========================= -----BEGIN CERTIFICATE----- MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UE ChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3li ZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoXDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMC SUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFs dGltb3JlIEN5YmVyVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKME uyKrmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjrIZ3AQSsB UnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeKmpYcqWe4PwzV9/lSEy/C G9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSuXmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9 XbIGevOF6uvUA65ehD5f/xXtabz5OTZydc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjpr l3RjM71oGDHweI12v/yejl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoI VDaGezq1BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB BQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT929hkTI7gQCvlYpNRh cL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3WgxjkzSswF07r51XgdIGn9w/xZchMB5 hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsa Y71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp -----END CERTIFICATE----- AddTrust Low-Value Services Root ================================ -----BEGIN CERTIFICATE----- MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRU cnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMwMTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQsw CQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBO ZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ulCDtbKRY6 54eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6ntGO0/7Gcrjyvd7ZWxbWr oulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyldI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1 Zmne3yzxbrww2ywkEtvrNTVokMsAsJchPXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJui GMx1I4S+6+JNM3GOGvDC+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8w HQYDVR0OBBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTAD AQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBlMQswCQYDVQQGEwJT RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEw HwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxt ZBsfzQ3duQH6lmM0MkhHma6X7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0Ph iVYrqW9yTkkz43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJlpz/+0WatC7xr mYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOAWiFeIc9TVPC6b4nbqKqVz4vj ccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= -----END CERTIFICATE----- AddTrust External Root ====================== -----BEGIN CERTIFICATE----- MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChML QWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYD VQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEw NDgzOFowbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRU cnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0Eg Um9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvtH7xsD821 +iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9uMq/NzgtHj6RQa1wVsfw Tz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzXmk6vBbOmcZSccbNQYArHE504B4YCqOmo aSYYkKtMsE8jqzpPhNjfzp/haW+710LXa0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy 2xSoRcRdKn23tNbE7qzNE0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv7 7+ldU9U0WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYDVR0P BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0Jvf6xCZU7wO94CTL VBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRk VHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENB IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZl j7DYd7usQWxHYINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvCNr4TDea9Y355 e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEXc4g/VhsxOBi0cQ+azcgOno4u G+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5amnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= -----END CERTIFICATE----- AddTrust Public Services Root ============================= -----BEGIN CERTIFICATE----- MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEUMBIGA1UEChML QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSAwHgYDVQQDExdBZGRU cnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAxMDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJ BgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5l dHdvcmsxIDAeBgNVBAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbu nyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1i d9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSG Aa2Il+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAw HM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0G A1UdDgQWBBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB /zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDELMAkGA1UEBhMCU0Ux FDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29yazEgMB4G A1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4 JNojVhaTdt02KLmuG7jD8WS6IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL +YPoRNWyQSW/iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh4SINhwBk/ox9 Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQmXiLsks3/QppEIW1cxeMiHV9H EufOX1362KqxMy3ZdvJOOjMMK7MtkAY= -----END CERTIFICATE----- AddTrust Qualified Certificates Root ==================================== -----BEGIN CERTIFICATE----- MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEUMBIGA1UEChML QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSMwIQYDVQQDExpBZGRU cnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcx CzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQ IE5ldHdvcmsxIzAhBgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwqxBb/4Oxx 64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3 KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1tUvznoD1o L/BLcHwTOK28FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GR wVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HU MIHRMB0GA1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/ BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6FrpGkwZzELMAkGA1UE BhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29y azEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlmaWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQAD ggEBABmrder4i2VhlRO6aQTvhsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxG GuoYQ992zPlmhpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3P6CxB9bpT9ze RXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9YiQBCYz95OdBEsIJuQRno3eDB iFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5noxqE= -----END CERTIFICATE----- Entrust Root Certification Authority ==================================== -----BEGIN CERTIFICATE----- MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMCVVMxFjAUBgNV BAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9DUFMgaXMgaW5jb3Jw b3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsG A1UEAxMkRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0 MloXDTI2MTEyNzIwNTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMu MTkwNwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVudHJ1c3QgUm9v dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALaVtkNC+sZtKm9I35RMOVcF7sN5EUFoNu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYsz A9u3g3s+IIRe7bJWKKf44LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOww Cj0Yzfv9KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGIrb68 j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi94DkZfs0Nw4pgHBN rziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOBsDCBrTAOBgNVHQ8BAf8EBAMCAQYw DwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAigA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1 MzQyWjAfBgNVHSMEGDAWgBRokORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DH hmak8fdLQ/uEvW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9tO1KzKtvn1ISM Y/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6ZuaAGAT/3B+XxFNSRuzFVJ7yVTa v52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTS W3iDVuycNsMm4hH2Z0kdkquM++v/eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0 tHuu2guQOHXvgR1m0vdXcDazv/wor3ElhVsT/h5/WrQ8 -----END CERTIFICATE----- GeoTrust Global CA ================== -----BEGIN CERTIFICATE----- MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQK Ew1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMDIwNTIxMDQw MDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j LjEbMBkGA1UEAxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjo BbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet 8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs0l44U+Vc T4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagU vTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTAD AQH/MB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVk DBF9qn1luMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKInZ57Q zxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfStQWVYrmm3ok9Nns4 d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcFPseKUgzbFbS9bZvlxrFUaKnjaZC2 mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Unhw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6p XE0zX5IJL4hmXXeXxx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvm Mw== -----END CERTIFICATE----- GeoTrust Global CA 2 ==================== -----BEGIN CERTIFICATE----- MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN R2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwHhcNMDQwMzA0MDUw MDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j LjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDvPE1APRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/ NTL8Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hLTytCOb1k LUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL5mkWRxHCJ1kDs6ZgwiFA Vvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7S4wMcoKK+xfNAGw6EzywhIdLFnopsk/b HdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQF MAMBAf8wHQYDVR0OBBYEFHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNH K266ZUapEBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6tdEPx7 srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv/NgdRN3ggX+d6Yvh ZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywNA0ZF66D0f0hExghAzN4bcLUprbqL OzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkC x1YAzUm5s2x7UwQa4qjJqhIFI8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqF H4z1Ir+rzoPz4iIprn2DQKi6bA== -----END CERTIFICATE----- GeoTrust Universal CA ===================== -----BEGIN CERTIFICATE----- MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVyc2FsIENBMB4XDTA0MDMwNDA1 MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu Yy4xHjAcBgNVBAMTFUdlb1RydXN0IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP ADCCAgoCggIBAKYVVaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9t JPi8cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTTQjOgNB0e RXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFhF7em6fgemdtzbvQKoiFs 7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2vc7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d 8Lsrlh/eezJS/R27tQahsiFepdaVaH/wmZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7V qnJNk22CDtucvc+081xdVHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3Cga Rr0BHdCXteGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZf9hB Z3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfReBi9Fi1jUIxaS5BZu KGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+nhutxx9z3SxPGWX9f5NAEC7S8O08 ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0 XG0D08DYj3rWMB8GA1UdIwQYMBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIB hjANBgkqhkiG9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fXIwjhmF7DWgh2 qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzynANXH/KttgCJwpQzgXQQpAvvL oJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0zuzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsK xr2EoyNB3tZ3b4XUhRxQ4K5RirqNPnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxF KyDuSN/n3QmOGKjaQI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2 DFKWkoRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9ER/frslK xfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQtDF4JbAiXfKM9fJP/P6EU p8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/SfuvmbJxPgWp6ZKy7PtXny3YuxadIwVyQD8vI P/rmMuGNG2+k5o7Y+SlIis5z/iw= -----END CERTIFICATE----- GeoTrust Universal CA 2 ======================= -----BEGIN CERTIFICATE----- MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN R2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwHhcNMDQwMzA0 MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3Qg SW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUA A4ICDwAwggIKAoICAQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0 DE81WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUGFF+3Qs17 j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdqXbboW0W63MOhBW9Wjo8Q JqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxLse4YuU6W3Nx2/zu+z18DwPw76L5GG//a QMJS9/7jOvdqdzXQ2o3rXhhqMcceujwbKNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2 WP0+GfPtDCapkzj4T8FdIgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP 20gaXT73y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRthAAn ZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgocQIgfksILAAX/8sgC SqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4Lt1ZrtmhN79UNdxzMk+MBB4zsslG 8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2 +/CfXGJx7Tz0RzgQKzAfBgNVHSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8E BAMCAYYwDQYJKoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQL1EuxBRa3ugZ 4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgrFg5fNuH8KrUwJM/gYwx7WBr+ mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSoag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpq A1Ihn0CoZ1Dy81of398j9tx4TuaYT1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpg Y+RdM4kX2TGq2tbzGDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiP pm8m1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJVOCiNUW7d FGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH6aLcr34YEoP9VhdBLtUp gn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwXQMAJKOSLakhT2+zNVVXxxvjpoixMptEm X36vWkzaH6byHCx+rgIW0lbQL1dTR+iS -----END CERTIFICATE----- Visa eCommerce Root =================== -----BEGIN CERTIFICATE----- MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQG EwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2Ug QXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2 WhcNMjIwNjI0MDAxNjEyWjBrMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMm VmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv bW1lcmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h2mCxlCfL F9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4ElpF7sDPwsRROEW+1QK8b RaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdVZqW1LS7YgFmypw23RuwhY/81q6UCzyr0 TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI /k4+oKsGGelT84ATB+0tvz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzs GHxBvfaLdXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG MB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUFAAOCAQEAX/FBfXxc CLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcRzCSs00Rsca4BIGsDoo8Ytyk6feUW YFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pz zkWKsKZJ/0x9nXGIxHYdkFsd7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBu YQa7FkKMcPcw++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt 398znM/jra6O1I7mT1GvFpLgXPYHDw== -----END CERTIFICATE----- Certum Root CA ============== -----BEGIN CERTIFICATE----- MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQK ExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBDQTAeFw0wMjA2MTExMDQ2Mzla Fw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u by4xEjAQBgNVBAMTCUNlcnR1bSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6x wS7TT3zNJc4YPk/EjG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdL kKWoePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GIULdtlkIJ 89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapuOb7kky/ZR6By6/qmW6/K Uz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUgAKpoC6EahQGcxEZjgoi2IrHu/qpGWX7P NSzVttpd90gzFFS269lvzs2I1qsb2pY7HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkq hkiG9w0BAQUFAAOCAQEAuI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+ GXYkHAQaTOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTgxSvg GrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1qCjqTE5s7FCMTY5w/ 0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5xO/fIR/RpbxXyEV6DHpx8Uq79AtoS qFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs6GAqm4VKQPNriiTsBhYscw== -----END CERTIFICATE----- Comodo AAA Services root ======================== -----BEGIN CERTIFICATE----- MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg TGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAw MFoXDTI4MTIzMTIzNTk1OVowezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hl c3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQuaBtDFcCLNSS1UY8y2bmhG C1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe3M/vg4aijJRPn2jymJBGhCfHdr/jzDUs i14HZGWCwEiwqJH5YZ92IFCokcdmtet4YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszW Y19zjNoFmag4qMsXeDZRrOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjH Ypy+g8cmez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQUoBEK Iz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wewYDVR0f BHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNl cy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29tb2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2Vz LmNybDANBgkqhkiG9w0BAQUFAAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm 7l3sAg9g1o1QGE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2G9w84FoVxp7Z 8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsil2D4kF501KKaU73yqWjgom7C 12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== -----END CERTIFICATE----- Comodo Secure Services root =========================== -----BEGIN CERTIFICATE----- MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg TGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAw MDAwMFoXDTI4MTIzMTIzNTk1OVowfjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFu Y2hlc3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAi BgNVBAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPMcm3ye5drswfxdySRXyWP 9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3SHpR7LZQdqnXXs5jLrLxkU0C8j6ysNstc rbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rC oznl2yY4rYsK7hljxxwk3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3V p6ea5EQz6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNVHQ4E FgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w gYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1NlY3VyZUNlcnRpZmlj YXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRwOi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlm aWNhdGVTZXJ2aWNlcy5jcmwwDQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm 4J4oqF7Tt/Q05qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtIgKvcnDe4IRRL DXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJaD61JlfutuC23bkpgHl9j6Pw pCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDlizeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1H RR3B7Hzs/Sk= -----END CERTIFICATE----- Comodo Trusted Services root ============================ -----BEGIN CERTIFICATE----- MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg TGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEw MDAwMDBaFw0yODEyMzEyMzU5NTlaMH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1h bmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUw IwYDVQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWWfnJSoBVC21ndZHoa0Lh7 3TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMtTGo87IvDktJTdyR0nAducPy9C1t2ul/y /9c3S0pgePfw+spwtOpZqqPOSC+pw7ILfhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6 juljatEPmsbS9Is6FARW1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsS ivnkBbA7kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0GA1Ud DgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB /zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21vZG9jYS5jb20vVHJ1c3RlZENlcnRp ZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRodHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENl cnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8Ntw uleGFTQQuS9/HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32 pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxISjBc/lDb+XbDA BHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+xqFx7D+gIIxmOom0jtTYsU0l R+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/AtyjcndBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O 9y5Xt5hwXsjEeLBi -----END CERTIFICATE----- QuoVadis Root CA ================ -----BEGIN CERTIFICATE----- MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJCTTEZMBcGA1UE ChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAz MTkxODMzMzNaFw0yMTAzMTcxODMzMzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRp cyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQD EyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Ypli4kVEAkOPcahdxYTMuk J0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2DrOpm2RgbaIr1VxqYuvXtdj182d6UajtL F8HVj71lODqV0D1VNk7feVcxKh7YWWVJWCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeL YzcS19Dsw3sgQUSj7cugF+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWen AScOospUxbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCCAk4w PQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVvdmFkaXNvZmZzaG9y ZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREwggENMIIBCQYJKwYBBAG+WAABMIH7 MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNlIG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmlj YXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJs ZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYIKwYBBQUHAgEW Fmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3TKbkGGew5Oanwl4Rqy+/fMIGu BgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rqy+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkw FwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0 aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6 tlCLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSkfnIYj9lo fFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf87C9TqnN7Az10buYWnuul LsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1RcHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2x gI4JVrmcGmD+XcHXetwReNDWXcG31a0ymQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi 5upZIof4l/UO/erMkqQWxFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi 5nrQNiOKSnQ2+Q== -----END CERTIFICATE----- QuoVadis Root CA 2 ================== -----BEGIN CERTIFICATE----- MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0wNjExMjQx ODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4IC DwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6 XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55JWpzmM+Yk lvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbB lDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGy lZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt 66/3FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1Jdxn wQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og/zOh D7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyy BNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENie J0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1Ud DgQWBBQahGK8SEwzJQTU7tD2A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGU a6FJpEcwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2fBluornFdLwUv Z+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzng/iN/Ae42l9NLmeyhP3ZRPx3 UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2BlfF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodm VjB3pjd4M1IQWK4/YY7yarHvGH5KWWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK +JDSV6IZUaUtl0HaB0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrW IozchLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPRTUIZ3Ph1 WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWDmbA4CD/pXvk1B+TJYm5X f6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0ZohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II 4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8 VCLAAVBpQ570su9t+Oza8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u -----END CERTIFICATE----- QuoVadis Root CA 3 ================== -----BEGIN CERTIFICATE----- MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0wNjExMjQx OTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4IC DwAwggIKAoICAQDMV0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNgg DhoB4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUrH556VOij KTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd8lyyBTNvijbO0BNO/79K DDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9CabwvvWhDFlaJKjdhkf2mrk7AyxRllDdLkgbv BNDInIjbC3uBr7E9KsRlOni27tyAsdLTmZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwp p5ijJUMv7/FfJuGITfhebtfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8 nT8KKdjcT5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDtWAEX MJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZc6tsgLjoC2SToJyM Gf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A4iLItLRkT9a6fUg+qGkM17uGcclz uD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYDVR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHT BgkrBgEEAb5YAAMwgcUwgZMGCCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmlj YXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVudC4wLQYIKwYB BQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczALBgNVHQ8EBAMCAQYwHQYD VR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4GA1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4 ywLQoUmkRzBFMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UE AxMSUXVvVmFkaXMgUm9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZV qyM07ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSemd1o417+s hvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd+LJ2w/w4E6oM3kJpK27z POuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2 Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadNt54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp 8kokUvd0/bpO5qgdAm6xDYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBC bjPsMZ57k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6szHXu g/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0jWy10QJLZYxkNc91p vGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeTmJlglFwjz1onl14LBQaTNx47aTbr qZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK4SVhM7JZG+Ju1zdXtg2pEto= -----END CERTIFICATE----- Security Communication Root CA ============================== -----BEGIN CERTIFICATE----- MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw HhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw 8yl89f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJDKaVv0uM DPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9Ms+k2Y7CI9eNqPPYJayX 5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/NQV3Is00qVUarH9oe4kA92819uZKAnDfd DJZkndwi92SL32HeFZRSFaB9UslLqCHJxrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2 JChzAgMBAAGjPzA9MB0GA1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYw DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vGkl3g 0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfrUj94nK9NrvjVT8+a mCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5Bw+SUEmK3TGXX8npN6o7WWWXlDLJ s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ 6rBK+1YWc26sTfcioU+tHXotRSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAi FL39vmwLAw== -----END CERTIFICATE----- Sonera Class 2 Root CA ====================== -----BEGIN CERTIFICATE----- MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAxMDQwNjA3Mjk0MFoXDTIxMDQw NjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh IENsYXNzMiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3 /Ei9vX+ALTU74W+oZ6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybT dXnt5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s3TmVToMG f+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2EjvOr7nQKV0ba5cTppCD8P tOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu8nYybieDwnPz3BjotJPqdURrBGAgcVeH nfO+oJAjPYok4doh28MCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITT XjwwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt 0jSv9zilzqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/3DEI cbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvDFNr450kkkdAdavph Oe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6Tk6ezAyNlNzZRZxe7EJQY670XcSx EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH llpwrN9M -----END CERTIFICATE----- UTN USERFirst Hardware Root CA ============================== -----BEGIN CERTIFICATE----- MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UE BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAd BgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgx OTIyWjCBlzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0 eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVz ZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlI wrthdBKWHTxqctU8EGc6Oe0rE81m65UJM6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFd tqdt++BxF2uiiPsA3/4aMXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8 i4fDidNdoI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqIDsjf Pe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9KsyoUhbAgMBAAGjgbkw gbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKFyXyYbKJhDlV0HN9WF lp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNF UkZpcnN0LUhhcmR3YXJlLmNybDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUF BwMGBggrBgEFBQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM //bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28GpgoiskliCE7/yMgUsogW XecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gECJChicsZUN/KHAG8HQQZexB2 lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kn iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67 nfhmqA== -----END CERTIFICATE----- Camerfirma Chambers of Commerce Root ==================================== -----BEGIN CERTIFICATE----- MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i ZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAx NjEzNDNaFw0zNzA5MzAxNjEzNDRaMH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZp cm1hIFNBIENJRiBBODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3Jn MSIwIAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0BAQEFAAOC AQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtbunXF/KGIJPov7coISjlU xFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0dBmpAPrMMhe5cG3nCYsS4No41XQEMIwRH NaqbYE6gZj3LJgqcQKH0XZi/caulAGgq7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jW DA+wWFjbw2Y3npuRVDM30pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFV d9oKDMyXroDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIGA1Ud EwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5jaGFtYmVyc2lnbi5v cmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p26EpW1eLTXYGduHRooowDgYDVR0P AQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hh bWJlcnNpZ24ub3JnMCcGA1UdEgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYD VR0gBFEwTzBNBgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEBAAxBl8IahsAi fJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZdp0AJPaxJRUXcLo0waLIJuvvD L8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wN UPf6s+xCX6ndbcj0dc97wXImsQEcXCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/n ADydb47kMgkdTXg0eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1 erfutGWaIZDgqtCYvDi1czyL+Nw= -----END CERTIFICATE----- Camerfirma Global Chambersign Root ================================== -----BEGIN CERTIFICATE----- MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i ZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYx NDE4WhcNMzcwOTMwMTYxNDE4WjB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEg MB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAw ggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0Mi+ITaFgCPS3CU6gSS9J 1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/sQJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8O by4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpVeAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl 6DJWk0aJqCWKZQbua795B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c 8lCrEqWhz0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0TAQH/ BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1iZXJzaWduLm9yZy9j aGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4wTcbOX60Qq+UDpfqpFDAOBgNVHQ8B Af8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBj aGFtYmVyc2lnbi5vcmcwKgYDVR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9y ZzBbBgNVHSAEVDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0BAQUFAAOCAQEA PDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUMbKGKfKX0j//U2K0X1S0E0T9Y gOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXiryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJ PJ7oKXqJ1/6v/2j1pReQvayZzKWGVwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4 IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== -----END CERTIFICATE----- XRamp Global CA Root ==================== -----BEGIN CERTIFICATE----- MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UE BhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2Vj dXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB dXRob3JpdHkwHhcNMDQxMTAxMTcxNDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMx HjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkg U2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp dHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS638eMpSe2OAtp87ZOqCwu IR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCPKZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMx foArtYzAQDsRhtDLooY2YKTVMIJt2W7QDxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FE zG+gSqmUsE3a56k0enI4qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqs AxcZZPRaJSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNViPvry xS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud EwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASsjVy16bYbMDYGA1UdHwQvMC0wK6Ap oCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMC AQEwDQYJKoZIhvcNAQEFBQADggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc /Kh4ZzXxHfARvbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLaIR9NmXmd4c8n nxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSyi6mx5O+aGtA9aZnuqCij4Tyz 8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQO+7ETPTsJ3xCwnR8gooJybQDJbw= -----END CERTIFICATE----- Go Daddy Class 2 CA =================== -----BEGIN CERTIFICATE----- MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMY VGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRp ZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkG A1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQAD ggENADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv 2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+qN1j3hybX2C32 qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiOr18SPaAIBQi2XKVlOARFmR6j YGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmY vLEHZ6IVDd2gWMZEewo+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0O BBYEFNLEsNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h/t2o atTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMu MTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwG A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wim PQoZ+YeAEW5p5JYXMP80kWNyOO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKt I3lpjbi2Tc7PTMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mERdEr/VxqHD3VI Ls9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5CufReYNnyicsbkqWletNw+vHX/b vZ8= -----END CERTIFICATE----- Starfield Class 2 CA ==================== -----BEGIN CERTIFICATE----- MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzElMCMGA1UEChMc U3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZpZWxkIENsYXNzIDIg Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBo MQswCQYDVQQGEwJVUzElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAG A1UECxMpU3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqG SIb3DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf8MOh2tTY bitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN+lq2cwQlZut3f+dZxkqZ JRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVm epsZGD3/cVE8MC5fvj13c7JdBmzDI1aaK4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSN F4Azbl5KXZnJHoe0nRrA1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HF MIHCMB0GA1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fRzt0f hvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNo bm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24g QXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGs afPzWdqbAYcaT1epoXkJKtv3L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLM PUxA2IGvd56Deruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynpVSJYACPq4xJD KVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEYWQPJIrSPnNVeKtelttQKbfi3 QBFGmh95DmK/D5fs4C8fF5Q= -----END CERTIFICATE----- StartCom Certification Authority ================================ -----BEGIN CERTIFICATE----- MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 NjM2WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt 2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z 6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT 37uMdBNSSwIDAQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9jZXJ0LnN0YXJ0 Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0Y29tLm9yZy9zZnNj YS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFMBgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUH AgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRw Oi8vY2VydC5zdGFydGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYg U3RhcnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlhYmlsaXR5 LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENl cnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL2NlcnQuc3Rh cnRjb20ub3JnL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilT dGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC AgEAFmyZ9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8jhvh 3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUWFjgKXlf2Ysd6AgXm vB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJzewT4F+irsfMuXGRuczE6Eri8sxHk fY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3 fsNrarnDy0RLrHiQi+fHLB5LEUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZ EoalHmdkrQYuL6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuCO3NJo2pXh5Tl 1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6Vum0ABj6y6koQOdjQK/W/7HW/ lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkyShNOsF/5oirpt9P/FlUQqmMGqz9IgcgA38coro g14= -----END CERTIFICATE----- Taiwan GRCA =========== -----BEGIN CERTIFICATE----- MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQG EwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X DTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1owPzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dv dmVybm1lbnQgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qN w8XRIePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1qgQdW8or5 BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKyyhwOeYHWtXBiCAEuTk8O 1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAtsF/tnyMKtsc2AtJfcdgEWFelq16TheEfO htX7MfP6Mb40qij7cEwdScevLJ1tZqa2jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wov J5pGfaENda1UhhXcSTvxls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7 Q3hub/FCVGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHKYS1t B6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoHEgKXTiCQ8P8NHuJB O9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThNXo+EHWbNxWCWtFJaBYmOlXqYwZE8 lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1UdDgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNV HRMEBTADAQH/MDkGBGcqBwAEMTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg2 09yewDL7MTqKUWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyfqzvS/3WXy6Tj Zwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaKZEk9GhiHkASfQlK3T8v+R0F2 Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFEJPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlU D7gsL0u8qV1bYH+Mh6XgUmMqvtg7hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6Qz DxARvBMB1uUO07+1EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+Hbk Z6MmnD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WXudpVBrkk 7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44VbnzssQwmSNOXfJIoRIM3BKQ CZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy +fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQS -----END CERTIFICATE----- Swisscom Root CA 1 ================== -----BEGIN CERTIFICATE----- MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQG EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4 MTgyMjA2MjBaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9m2BtRsiM MW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdihFvkcxC7mlSpnzNApbjyF NDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/TilftKaNXXsLmREDA/7n29uj/x2lzZAe AR81sH8A25Bvxn570e56eqeqDFdvpG3FEzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkC b6dJtDZd0KTeByy2dbcokdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn 7uHbHaBuHYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNFvJbN cA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo19AOeCMgkckkKmUp WyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjCL3UcPX7ape8eYIVpQtPM+GP+HkM5 haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJWbjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNY MUJDLXT5xp6mig/p/r+D5kNXJLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw HQYDVR0hBBYwFDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzcK6FptWfUjNP9 MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzfky9NfEBWMXrrpA9gzXrzvsMn jgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7IkVh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQ MbFamIp1TpBcahQq4FJHgmDmHtqBsfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4H VtA4oJVwIHaM190e3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtl vrsRls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ipmXeascCl OS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HHb6D0jqTsNFFbjCYDcKF3 1QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksfrK/7DZBaZmBwXarNeNQk7shBoJMBkpxq nvy5JMWzFYJ+vq6VK+uxwNrjAWALXmmshFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCy x/yP2FS1k2Kdzs9Z+z0YzirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMW NY6E0F/6MBr1mmz0DlP5OlvRHA== -----END CERTIFICATE----- DigiCert Assured ID Root CA =========================== -----BEGIN CERTIFICATE----- MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzEx MTEwMDAwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0Ew ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7cJpSIqvTO 9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYPmDI2dsze3Tyoou9q+yHy UmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW /lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpy oeb6pNnVFzF1roV9Iq4/AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whf GHdPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRF 66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq hkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRCdWKuh+vy1dneVrOfzM4UKLkNl2Bc EkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTffwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38Fn SbNd67IJKusm7Xi+fT8r87cmNW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i 8b5QZ7dsvfPxH2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe +o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== -----END CERTIFICATE----- DigiCert Global Root CA ======================= -----BEGIN CERTIFICATE----- MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAw MDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOn TjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5 BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H 4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y 7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQAB o2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm 8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEF BQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmr EbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIt tep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886 UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= -----END CERTIFICATE----- DigiCert High Assurance EV Root CA ================================== -----BEGIN CERTIFICATE----- MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3 MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K -----END CERTIFICATE----- Certplus Class 2 Primary CA =========================== -----BEGIN CERTIFICATE----- MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UE BhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFzcyAyIFByaW1hcnkgQ0EwHhcN OTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2Vy dHBsdXMxGzAZBgNVBAMTEkNsYXNzIDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANxQltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR 5aiRVhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyLkcAbmXuZ Vg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCdEgETjdyAYveVqUSISnFO YFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yasH7WLO7dDWWuwJKZtkIvEcupdM5i3y95e e++U8Rs+yskhwcWYAqqi9lt3m/V+llU0HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRME CDAGAQH/AgEKMAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJ YIZIAYb4QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMuY29t L0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/AN9WM2K191EBkOvD P9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8yfFC82x/xXp8HVGIutIKPidd3i1R TtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMRFcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+ 7UCmnYR0ObncHoUW2ikbhiMAybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW //1IMwrh3KWBkJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 l7+ijrRU -----END CERTIFICATE----- DST Root CA X3 ============== -----BEGIN CERTIFICATE----- MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/MSQwIgYDVQQK ExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4X DTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVowPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1 cmUgVHJ1c3QgQ28uMRcwFQYDVQQDEw5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmT rE4Orz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEqOLl5CjH9 UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9bxiqKqy69cK3FCxolkHRy xXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40d utolucbY38EVAjqr2m7xPi71XAicPNaDaeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0T AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQ MA0GCSqGSIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69ikug dB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXrAvHRAosZy5Q6XkjE GB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZzR8srzJmwN0jP41ZL9c8PDHIyh8bw RLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubS fZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ -----END CERTIFICATE----- DST ACES CA X6 ============== -----BEGIN CERTIFICATE----- MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQG EwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QxETAPBgNVBAsTCERTVCBBQ0VT MRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0wMzExMjAyMTE5NThaFw0xNzExMjAyMTE5NTha MFsxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UE CxMIRFNUIEFDRVMxFzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPuktKe1jzI DZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7gLFViYsx+tC3dr5BPTCa pCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZHfAjIgrrep4c9oW24MFbCswKBXy314pow GCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4aahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPy MjwmR/onJALJfh1biEITajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1Ud EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rkc3Qu Y29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjtodHRwOi8vd3d3LnRy dXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMtaW5kZXguaHRtbDAdBgNVHQ4EFgQU CXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZIhvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V2 5FYrnJmQ6AgwbN99Pe7lv7UkQIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6t Fr8hlxCBPeP/h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpRrscL9yuwNwXs vFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf29w4LTJxoeHtxMcfrHuBnQfO3 oKfN5XozNmr6mis= -----END CERTIFICATE----- SwissSign Gold CA - G2 ====================== -----BEGIN CERTIFICATE----- MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkNIMRUw EwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2lnbiBHb2xkIENBIC0gRzIwHhcN MDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBFMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dp c3NTaWduIEFHMR8wHQYDVQQDExZTd2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0B AQEFAAOCAg8AMIICCgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUq t2/876LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+bbqBHH5C jCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c6bM8K8vzARO/Ws/BtQpg vd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqEemA8atufK+ze3gE/bk3lUIbLtK/tREDF ylqM2tIrfKjuvqblCqoOpd8FUrdVxyJdMmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvR AiTysybUa9oEVeXBCsdtMDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuend jIj3o02yMszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69yFGkO peUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPiaG59je883WX0XaxR 7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxMgI93e2CaHt+28kgeDrpOVG2Y4OGi GqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw AwEB/zAdBgNVHQ4EFgQUWyV7lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64 OfPAeGZe6Drn8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe645R88a7A3hfm 5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczOUYrHUDFu4Up+GC9pWbY9ZIEr 44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOf Mke6UiI0HTJ6CVanfCU2qT1L2sCCbwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6m Gu6uLftIdxf+u+yvGPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxp mo/a77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCChdiDyyJk vC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid392qgQmwLOM7XdVAyksLf KzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEppLd6leNcG2mqeSz53OiATIgHQv2ieY2Br NU0LbbqhPcCT4H8js1WtciVORvnSFu+wZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6Lqj viOvrv1vA+ACOzB2+httQc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ -----END CERTIFICATE----- SwissSign Silver CA - G2 ======================== -----BEGIN CERTIFICATE----- MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCQ0gxFTAT BgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMB4X DTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0NlowRzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3 aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644 N0MvFz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7brYT7QbNHm +/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieFnbAVlDLaYQ1HTWBCrpJH 6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH6ATK72oxh9TAtvmUcXtnZLi2kUpCe2Uu MGoM9ZDulebyzYLs2aFK7PayS+VFheZteJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5h qAaEuSh6XzjZG6k4sIN/c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5 FZGkECwJMoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRHHTBs ROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTfjNFusB3hB48IHpmc celM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb65i/4z3GcRm25xBWNOHkDRUjvxF3X CO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ BAUwAwEB/zAdBgNVHQ4EFgQUF6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRB tjpbO8tFnb0cwpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBAHPGgeAn0i0P 4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShpWJHckRE1qTodvBqlYJ7YH39F kWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L 3XWgwF15kIwb4FDm3jH+mHtwX6WQ2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx /uNncqCxv1yL5PqZIseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFa DGi8aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2Xem1ZqSqP e97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQRdAtq/gsD/KNVV4n+Ssuu WxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJ DIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ub DgEj8Z+7fNzcbBGXJbLytGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u -----END CERTIFICATE----- GeoTrust Primary Certification Authority ======================================== -----BEGIN CERTIFICATE----- MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMoR2VvVHJ1c3QgUHJpbWFyeSBD ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgx CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQ cmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9AWbK7hWN b6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjAZIVcFU2Ix7e64HXprQU9 nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE07e9GceBrAqg1cmuXm2bgyxx5X9gaBGge RwLmnWDiNpcB3841kt++Z8dtd1k7j53WkBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGt tm/81w7a4DSwDRp35+MImO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJKoZI hvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ16CePbJC/kRYkRj5K Ts4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl4b7UVXGYNTq+k+qurUKykG/g/CFN NWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6KoKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHa Floxt/m0cYASSJlyc1pZU8FjUjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG 1riR/aYNKxoUAT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= -----END CERTIFICATE----- thawte Primary Root CA ====================== -----BEGIN CERTIFICATE----- MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UE BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv cml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3 MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwg SW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMv KGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMT FnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs oPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ 1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGc q/gcfomk6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/K aAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR32HuHUETVPm4p afs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUF AAOCAQEAeRHAS7ORtvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2/qxAeeWsEG89 jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVH z7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA== -----END CERTIFICATE----- VeriSign Class 3 Public Primary Certification Authority - G5 ============================================================ -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk IHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRp ZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCB yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln biBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBh dXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmlt YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKz j/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhD Y2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/ Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70r fk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/ BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2Uv Z2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqG SIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+ X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKE KQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiC Km0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vE ZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq -----END CERTIFICATE----- SecureTrust CA ============== -----BEGIN CERTIFICATE----- MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQG EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xFzAVBgNVBAMTDlNlY3VyZVRy dXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIzMTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAe BgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQX OZEzZum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO0gMdA+9t DWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIaowW8xQmxSPmjL8xk037uH GFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b 01k/unK8RCSc43Oz969XL0Imnal0ugBS8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmH ursCAwEAAaOBnTCBmjATBgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/ BAUwAwEB/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCegJYYj aHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ KoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt36Z3q059c4EVlew3KW+JwULKUBRSu SceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHf mbx8IVQr5Fiiu1cprp6poxkmD5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZ nMUFdAvnZyPSCPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR 3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= -----END CERTIFICATE----- Secure Global CA ================ -----BEGIN CERTIFICATE----- MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQG EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBH bG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkxMjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEg MB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwg Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jx YDiJiQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa/FHtaMbQ bqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJjnIFHovdRIWCQtBJwB1g 8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnIHmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYV HDGA76oYa8J719rO+TMg1fW9ajMtgQT7sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi 0XPnj3pDAgMBAAGjgZ0wgZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud EwEB/wQFMAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCswKaAn oCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEA MA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0LURYD7xh8yOOvaliTFGCRsoTciE6+ OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXOH0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cn CDpOGR86p1hcF895P4vkp9MmI50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/5 3CYNv6ZHdAbYiNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW -----END CERTIFICATE----- COMODO Certification Authority ============================== -----BEGIN CERTIFICATE----- MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCBgTELMAkGA1UE BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNVBAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1 dGhvcml0eTAeFw0wNjEyMDEwMDAwMDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEb MBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFD T01PRE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY06m/weaKXTuH +7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI2GqGd0S7WWaXUF601CxwRM/aN5VCaTww xHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV 4EajcNxo2f8ESIl33rXp+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA 1KGzqSX+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5OnKVI rLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW/zAOBgNVHQ8BAf8E BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmNvbW9k b2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOC AQEAPpiem/Yb6dc5t3iuHXIYSdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CP OGEIqB6BCsAvIC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmc IGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5ddBA6+C4OmF4O5MBKgxTMVBbkN +8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IBZQ== -----END CERTIFICATE----- Network Solutions Certificate Authority ======================================= -----BEGIN CERTIFICATE----- MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQG EwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydOZXR3b3Jr IFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMx MjM1OTU5WjBiMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwzc7MEL7xx jOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPPOCwGJgl6cvf6UDL4wpPT aaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rlmGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXT crA/vGp97Eh/jcOrqnErU2lBUzS1sLnFBgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc /Qzpf14Dl847ABSHJ3A4qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMB AAGjgZcwgZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIBBjAP BgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwubmV0c29sc3NsLmNv bS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3JpdHkuY3JsMA0GCSqGSIb3DQEBBQUA A4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc86fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q 4LqILPxFzBiwmZVRDuwduIj/h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/ GGUsyfJj4akH/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHNpGxlaKFJdlxD ydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey -----END CERTIFICATE----- WellsSecure Public Root Certificate Authority ============================================= -----BEGIN CERTIFICATE----- MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoM F1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYw NAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcN MDcxMjEzMTcwNzU0WhcNMjIxMjE0MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dl bGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYD VQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+rWxxTkqxtnt3CxC5FlAM1 iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjUDk/41itMpBb570OYj7OeUt9tkTmPOL13 i0Nj67eT/DBMHAGTthP796EfvyXhdDcsHqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8 bJVhHlfXBIEyg1J55oNjz7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiB K0HmOFafSZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/SlwxlAgMB AAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwu cGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBQm lRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0jBIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGB i6SBiDCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRww GgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEBALkVsUSRzCPI K0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd/ZDJPHV3V3p9+N701NX3leZ0 bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pBA4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSlj qHyita04pO2t/caaH/+Xc/77szWnk4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+es E2fDbbFwRnzVlhE9iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJ tylv2G0xffX8oRAHh84vWdw+WNs= -----END CERTIFICATE----- COMODO ECC Certification Authority ================================== -----BEGIN CERTIFICATE----- MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTELMAkGA1UEBhMC R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBB dXRob3JpdHkwHhcNMDgwMzA2MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0Ix GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRo b3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSRFtSrYpn1PlILBs5BAH+X 4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0JcfRK9ChQtP6IHG4/bC8vCVlbpVsLM5ni wz2J+Wos77LTBumjQjBAMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VG FAkK+qDmfQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdvGDeA U/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= -----END CERTIFICATE----- Security Communication EV RootCA1 ================================= -----BEGIN CERTIFICATE----- MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDElMCMGA1UEChMc U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMhU2VjdXJpdHkgQ29tbXVuaWNh dGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIzMloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UE BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNl Y3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSERMqm4miO /VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gOzXppFodEtZDkBp2uoQSX WHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4z ZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDFMxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4 bepJz11sS6/vmsJWXMY1VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK 9U2vP9eCOKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG SIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HWtWS3irO4G8za+6xm iEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZq51ihPZRwSzJIxXYKLerJRO1RuGG Av8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDbEJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnW mHyojf6GPgcWkuF75x3sM3Z+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEW T1MKZPlO9L9OVL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490 -----END CERTIFICATE----- OISTE WISeKey Global Root GA CA =============================== -----BEGIN CERTIFICATE----- MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UE BhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAoYykgMjAwNTEiMCAG A1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH bG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYD VQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIw IAYDVQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5 IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0+zAJs9 Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxRVVuuk+g3/ytr6dTqvirdqFEr12bDYVxg Asj1znJ7O7jyTmUIms2kahnBAbtzptf2w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbD d50kc3vkDIzh2TbhmYsFmQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ /yxViJGg4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t94B3R LoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw AwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ KoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOxSPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vIm MMkQyh2I+3QZH4VFvbBsUfk2ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4 +vg1YFkCExh8vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0= -----END CERTIFICATE----- Microsec e-Szigno Root CA ========================= -----BEGIN CERTIFICATE----- MIIHqDCCBpCgAwIBAgIRAMy4579OKRr9otxmpRwsDxEwDQYJKoZIhvcNAQEFBQAwcjELMAkGA1UE BhMCSFUxETAPBgNVBAcTCEJ1ZGFwZXN0MRYwFAYDVQQKEw1NaWNyb3NlYyBMdGQuMRQwEgYDVQQL EwtlLVN6aWdubyBDQTEiMCAGA1UEAxMZTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQTAeFw0wNTA0 MDYxMjI4NDRaFw0xNzA0MDYxMjI4NDRaMHIxCzAJBgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVz dDEWMBQGA1UEChMNTWljcm9zZWMgTHRkLjEUMBIGA1UECxMLZS1Temlnbm8gQ0ExIjAgBgNVBAMT GU1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDtyADVgXvNOABHzNuEwSFpLHSQDCHZU4ftPkNEU6+r+ICbPHiN1I2uuO/TEdyB5s87lozWbxXG d36hL+BfkrYn13aaHUM86tnsL+4582pnS4uCzyL4ZVX+LMsvfUh6PXX5qqAnu3jCBspRwn5mS6/N oqdNAoI/gqyFxuEPkEeZlApxcpMqyabAvjxWTHOSJ/FrtfX9/DAFYJLG65Z+AZHCabEeHXtTRbjc QR/Ji3HWVBTji1R4P770Yjtb9aPs1ZJ04nQw7wHb4dSrmZsqa/i9phyGI0Jf7Enemotb9HI6QMVJ PqW+jqpx62z69Rrkav17fVVA71hu5tnVvCSrwe+3AgMBAAGjggQ3MIIEMzBnBggrBgEFBQcBAQRb MFkwKAYIKwYBBQUHMAGGHGh0dHBzOi8vcmNhLmUtc3ppZ25vLmh1L29jc3AwLQYIKwYBBQUHMAKG IWh0dHA6Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNydDAPBgNVHRMBAf8EBTADAQH/MIIBcwYD VR0gBIIBajCCAWYwggFiBgwrBgEEAYGoGAIBAQEwggFQMCgGCCsGAQUFBwIBFhxodHRwOi8vd3d3 LmUtc3ppZ25vLmh1L1NaU1ovMIIBIgYIKwYBBQUHAgIwggEUHoIBEABBACAAdABhAG4A+gBzAO0A dAB2AOEAbgB5ACAA6QByAHQAZQBsAG0AZQB6AOkAcwDpAGgAZQB6ACAA6QBzACAAZQBsAGYAbwBn AGEAZADhAHMA4QBoAG8AegAgAGEAIABTAHoAbwBsAGcA4QBsAHQAYQB0APMAIABTAHoAbwBsAGcA 4QBsAHQAYQB0AOEAcwBpACAAUwB6AGEAYgDhAGwAeQB6AGEAdABhACAAcwB6AGUAcgBpAG4AdAAg AGsAZQBsAGwAIABlAGwAagDhAHIAbgBpADoAIABoAHQAdABwADoALwAvAHcAdwB3AC4AZQAtAHMA egBpAGcAbgBvAC4AaAB1AC8AUwBaAFMAWgAvMIHIBgNVHR8EgcAwgb0wgbqggbeggbSGIWh0dHA6 Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNybIaBjmxkYXA6Ly9sZGFwLmUtc3ppZ25vLmh1L0NO PU1pY3Jvc2VjJTIwZS1Temlnbm8lMjBSb290JTIwQ0EsT1U9ZS1Temlnbm8lMjBDQSxPPU1pY3Jv c2VjJTIwTHRkLixMPUJ1ZGFwZXN0LEM9SFU/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5h cnkwDgYDVR0PAQH/BAQDAgEGMIGWBgNVHREEgY4wgYuBEGluZm9AZS1zemlnbm8uaHWkdzB1MSMw IQYDVQQDDBpNaWNyb3NlYyBlLVN6aWduw7MgUm9vdCBDQTEWMBQGA1UECwwNZS1TemlnbsOzIEhT WjEWMBQGA1UEChMNTWljcm9zZWMgS2Z0LjERMA8GA1UEBxMIQnVkYXBlc3QxCzAJBgNVBAYTAkhV MIGsBgNVHSMEgaQwgaGAFMegSXUWYYTbMUuE0vE3QJDvTtz3oXakdDByMQswCQYDVQQGEwJIVTER MA8GA1UEBxMIQnVkYXBlc3QxFjAUBgNVBAoTDU1pY3Jvc2VjIEx0ZC4xFDASBgNVBAsTC2UtU3pp Z25vIENBMSIwIAYDVQQDExlNaWNyb3NlYyBlLVN6aWdubyBSb290IENBghEAzLjnv04pGv2i3Gal HCwPETAdBgNVHQ4EFgQUx6BJdRZhhNsxS4TS8TdAkO9O3PcwDQYJKoZIhvcNAQEFBQADggEBANMT nGZjWS7KXHAM/IO8VbH0jgdsZifOwTsgqRy7RlRw7lrMoHfqaEQn6/Ip3Xep1fvj1KcExJW4C+FE aGAHQzAxQmHl7tnlJNUb3+FKG6qfx1/4ehHqE5MAyopYse7tDk2016g2JnzgOsHVV4Lxdbb9iV/a 86g4nzUGCM4ilb7N1fy+W955a9x6qWVmvrElWl/tftOsRm1M9DKHtCAE4Gx4sHfRhUZLphK3dehK yVZs15KrnfVJONJPU+NVkBHbmJbGSfI+9J8b4PeI3CVimUTYc78/MPMMNz7UwiiAc7EBt51alhQB S6kRnSlqLtBdgcDPsiBDxwPgN05dCtxZICU= -----END CERTIFICATE----- Certigna ======== -----BEGIN CERTIFICATE----- MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNVBAYTAkZSMRIw EAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4XDTA3MDYyOTE1MTMwNVoXDTI3 MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwI Q2VydGlnbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7q XOEm7RFHYeGifBZ4QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyH GxnygQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbwzBfsV1/p ogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q130yGLMLLGq/jj8UEYkg DncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKf Irjxwo1p3Po6WAbfAgMBAAGjgbwwgbkwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQ tCRZvgHyUtVF9lo53BEwZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJ BgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/J SP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQUFAAOCAQEA hQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8hbV6lUmPOEvjvKtpv6zf+EwLHyzs+ ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFncfca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1klu PBS1xp81HlDQwY9qcEQCYsuuHWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY 1gkIl2PlwS6wt0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== -----END CERTIFICATE----- Deutsche Telekom Root CA 2 ========================== -----BEGIN CERTIFICATE----- MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMT RGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEG A1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENBIDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5 MjM1OTAwWjBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0G A1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBS b290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEUha88EOQ5 bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhCQN/Po7qCWWqSG6wcmtoI KyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1MjwrrFDa1sPeg5TKqAyZMg4ISFZbavva4VhY AUlfckE8FQYBjl2tqriTtM2e66foai1SNNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aK Se5TBY8ZTNXeWHmb0mocQqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTV jlsB9WoHtxa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAPBgNV HRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAlGRZrTlk5ynr E/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756AbrsptJh6sTtU6zkXR34ajgv8HzFZMQSy zhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpaIzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8 rZ7/gFnkm0W09juwzTkZmDLl6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4G dyd1Lx+4ivn+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU Cm26OWMohpLzGITY+9HPBVZkVw== -----END CERTIFICATE----- Cybertrust Global Root ====================== -----BEGIN CERTIFICATE----- MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYGA1UEChMPQ3li ZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBSb290MB4XDTA2MTIxNTA4 MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQD ExZDeWJlcnRydXN0IEdsb2JhbCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +Mi8vRRQZhP/8NN57CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW 0ozSJ8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2yHLtgwEZL AfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iPt3sMpTjr3kfb1V05/Iin 89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNzFtApD0mpSPCzqrdsxacwOUBdrsTiXSZT 8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAYXSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAP BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2 MDSgMqAwhi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3JsMB8G A1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUAA4IBAQBW7wojoFRO lZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMjWqd8BfP9IjsO0QbE2zZMcwSO5bAi 5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUxXOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2 hO0j9n0Hq0V+09+zv+mKts2oomcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+T X3EJIrduPuocA06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW WL1WMRJOEcgh4LMRkWXbtKaIOM5V -----END CERTIFICATE----- ePKI Root Certification Authority ================================= -----BEGIN CERTIFICATE----- MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQG EwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xKjAoBgNVBAsMIWVQS0kg Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMx MjdaMF4xCzAJBgNVBAYTAlRXMSMwIQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEq MCgGA1UECwwhZVBLSSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0B AQEFAAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAHSyZbCUNs IZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAhijHyl3SJCRImHJ7K2RKi lTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3XDZoTM1PRYfl61dd4s5oz9wCGzh1NlDiv qOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX 12ruOzjjK9SXDrkb5wdJfzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0O WQqraffAsgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uUWH1+ ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLSnT0IFaUQAS2zMnao lQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pHdmX2Os+PYhcZewoozRrSgx4hxyy/ vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJipNiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXi Zo1jDiVN1Rmy5nk3pyKdVDECAwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/Qkqi MAwGA1UdEwQFMAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGBuvl2ICO1J2B0 1GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6YlPwZpVnPDimZI+ymBV3QGypzq KOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkPJXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdV xrsStZf0X4OFunHB2WyBEXYKCrC/gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEP NXubrjlpC2JgQCA2j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+r GNm65ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUBo2M3IUxE xJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS/jQ6fbjpKdx2qcgw+BRx gMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2zGp1iro2C6pSe3VkQw63d4k3jMdXH7Ojy sP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTEW9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmOD BCEIZ43ygknQW/2xzQ+DhNQ+IIX3Sj0rnP0qCglN6oH4EZw= -----END CERTIFICATE----- T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3 ============================================================================================================================= -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRSMRgwFgYDVQQH DA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJpbGltc2VsIHZlIFRla25vbG9q aWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSwVEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ry b25payB2ZSBLcmlwdG9sb2ppIEFyYcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNV BAsMGkthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUg S8O2ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAeFw0wNzA4 MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIxGDAWBgNVBAcMD0dlYnpl IC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmlsaW1zZWwgdmUgVGVrbm9sb2ppayBBcmHF n3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBUQUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZl IEtyaXB0b2xvamkgQXJhxZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2Ft dSBTZXJ0aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7ZrIFNl cnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4hgb46ezzb8R1Sf1n68yJMlaCQvEhO Eav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yKO7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1 xnnRFDDtG1hba+818qEhTsXOfJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR 6Oqeyjh1jmKwlZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQIDAQABo0IwQDAd BgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmPNOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4 N5EY3ATIZJkrGG2AA1nJrvhY0D7twyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLT y9LQQfMmNkqblWwM7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYh LBOhgLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5noN+J1q2M dqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUsyZyQ2uypQjyttgI= -----END CERTIFICATE----- certSIGN ROOT CA ================ -----BEGIN CERTIFICATE----- MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYTAlJPMREwDwYD VQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTAeFw0wNjA3MDQxNzIwMDRa Fw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UE CxMQY2VydFNJR04gUk9PVCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7I JUqOtdu0KBuqV5Do0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHH rfAQUySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5dRdY4zTW2 ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQOA7+j0xbm0bqQfWwCHTD 0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwvJoIQ4uNllAoEwF73XVv4EOLQunpL+943 AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B Af8EBAMCAcYwHQYDVR0OBBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IB AQA+0hyJLjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecYMnQ8 SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ44gx+FkagQnIl6Z0 x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6IJd1hJyMctTEHBDa0GpC9oHRxUIlt vBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNwi/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7Nz TogVZ96edhBiIL5VaZVDADlN9u6wWk5JRFRYX0KD -----END CERTIFICATE----- CNNIC ROOT ========== -----BEGIN CERTIFICATE----- MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJDTjEOMAwGA1UE ChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2MDcwOTE0WhcNMjcwNDE2MDcw OTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1Qw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzD o+/hn7E7SIX1mlwhIhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tiz VHa6dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZOV/kbZKKT VrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrCGHn2emU1z5DrvTOTn1Or czvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gNv7Sg2Ca+I19zN38m5pIEo3/PIKe38zrK y5nLAgMBAAGjczBxMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscC wQ7vptU7ETAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991S lgrHAsEO76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnKOOK5 Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvHugDnuL8BV8F3RTIM O/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7HgviyJA/qIYM/PmLXoXLT1tLYhFHxUV8 BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fLbuXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2 G8kS1sHNzYDzAgE8yGnLRUhj2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5m mxE= -----END CERTIFICATE----- ApplicationCA - Japanese Government =================================== -----BEGIN CERTIFICATE----- MIIDoDCCAoigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJKUDEcMBoGA1UEChMT SmFwYW5lc2UgR292ZXJubWVudDEWMBQGA1UECxMNQXBwbGljYXRpb25DQTAeFw0wNzEyMTIxNTAw MDBaFw0xNzEyMTIxNTAwMDBaMEMxCzAJBgNVBAYTAkpQMRwwGgYDVQQKExNKYXBhbmVzZSBHb3Zl cm5tZW50MRYwFAYDVQQLEw1BcHBsaWNhdGlvbkNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAp23gdE6Hj6UG3mii24aZS2QNcfAKBZuOquHMLtJqO8F6tJdhjYq+xpqcBrSGUeQ3DnR4 fl+Kf5Sk10cI/VBaVuRorChzoHvpfxiSQE8tnfWuREhzNgaeZCw7NCPbXCbkcXmP1G55IrmTwcrN wVbtiGrXoDkhBFcsovW8R0FPXjQilbUfKW1eSvNNcr5BViCH/OlQR9cwFO5cjFW6WY2H/CPek9AE jP3vbb3QesmlOmpyM8ZKDQUXKi17safY1vC+9D/qDihtQWEjdnjDuGWk81quzMKq2edY3rZ+nYVu nyoKb58DKTCXKB28t89UKU5RMfkntigm/qJj5kEW8DOYRwIDAQABo4GeMIGbMB0GA1UdDgQWBBRU WssmP3HMlEYNllPqa0jQk/5CdTAOBgNVHQ8BAf8EBAMCAQYwWQYDVR0RBFIwUKROMEwxCzAJBgNV BAYTAkpQMRgwFgYDVQQKDA/ml6XmnKzlm73mlL/lupwxIzAhBgNVBAsMGuOCouODl+ODquOCseOD vOOCt+ODp+ODs0NBMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADlqRHZ3ODrs o2dGD/mLBqj7apAxzn7s2tGJfHrrLgy9mTLnsCTWw//1sogJhyzjVOGjprIIC8CFqMjSnHH2HZ9g /DgzE+Ge3Atf2hZQKXsvcJEPmbo0NI2VdMV+eKlmXb3KIXdCEKxmJj3ekav9FfBv7WxfEPjzFvYD io+nEhEMy/0/ecGc/WLuo89UDNErXxc+4z6/wCs+CZv+iKZ+tJIX/COUgb1up8WMwusRRdv4QcmW dupwX3kSa+SjB1oF7ydJzyGfikwJcGapJsErEU4z0g781mzSDjJkaP+tBXhfAx2o45CsJOAPQKdL rosot4LKGAfmt1t06SAZf7IbiVQ= -----END CERTIFICATE----- GeoTrust Primary Certification Authority - G3 ============================================= -----BEGIN CERTIFICATE----- MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UE BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA4IEdlb1RydXN0 IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFy eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIz NTk1OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAo YykgMjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMT LUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5j K/BGvESyiaHAKAxJcCGVn2TAppMSAmUmhsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdE c5IiaacDiGydY8hS2pgn5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3C IShwiP/WJmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exALDmKu dlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZChuOl1UcCAwEAAaNC MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMR5yo6hTgMdHNxr 2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9 cr5HqQ6XErhK8WTTOd8lNNTBzU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbE Ap7aDHdlDkQNkv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUHSJsMC8tJP33s t/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2Gspki4cErx5z481+oghLrGREt -----END CERTIFICATE----- thawte Primary Root CA - G2 =========================== -----BEGIN CERTIFICATE----- MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDELMAkGA1UEBhMC VVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMpIDIwMDcgdGhhd3RlLCBJbmMu IC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3Qg Q0EgLSBHMjAeFw0wNzExMDUwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEV MBMGA1UEChMMdGhhd3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBG b3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAt IEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/BebfowJPDQfGAFG6DAJS LSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6papu+7qzcMBniKI11KOasf2twu8x+qi5 8/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU mtgAMADna3+FGO6Lts6KDPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUN G4k8VIZ3KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41oxXZ3K rr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== -----END CERTIFICATE----- thawte Primary Root CA - G3 =========================== -----BEGIN CERTIFICATE----- MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCBrjELMAkGA1UE BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv cml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0w ODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh d3RlLCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYD VQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIG A1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAsr8nLPvb2FvdeHsbnndmgcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2At P0LMqmsywCPLLEHd5N/8YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC +BsUa0Lfb1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS99irY 7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2SzhkGcuYMXDhpxwTW vGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUkOQIDAQABo0IwQDAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJ KoZIhvcNAQELBQADggEBABpA2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweK A3rD6z8KLFIWoCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7cKUGRIjxpp7sC 8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fMm7v/OeZWYdMKp8RcTGB7BXcm er/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZuMdRAGmI0Nj81Aa6sY6A= -----END CERTIFICATE----- GeoTrust Primary Certification Authority - G2 ============================================= -----BEGIN CERTIFICATE----- MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA3IEdlb1RydXN0IElu Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBD ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1 OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg MjAwNyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMTLUdl b1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjB2MBAGByqGSM49AgEG BSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcLSo17VDs6bl8VAsBQps8lL33KSLjHUGMc KiEIfJo22Av+0SbFWDEwKCXzXV2juLaltJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYD VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+ EVXVMAoGCCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGTqQ7m ndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBuczrD6ogRLQy7rQkgu2 npaqBA+K -----END CERTIFICATE----- VeriSign Universal Root Certification Authority =============================================== -----BEGIN CERTIFICATE----- MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UE BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk IHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9u IEF1dGhvcml0eTAeFw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJV UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv cmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl IG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0 aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj 1mCOkdeQmIN65lgZOIzF9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGP MiJhgsWHH26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+HLL72 9fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN/BMReYTtXlT2NJ8I AfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPTrJ9VAMf2CGqUuV/c4DPxhGD5WycR tPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0G CCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2O a8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4sAPmLGd75JR3 Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+seQxIcaBlVZaDrHC1LGmWazx Y8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTx P/jgdFcrGJ2BtMQo2pSXpXDrrB2+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+P wGZsY6rp2aQW9IHRlRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4 mJO37M2CYfE45k+XmCpajQ== -----END CERTIFICATE----- VeriSign Class 3 Public Primary Certification Authority - G4 ============================================================ -----BEGIN CERTIFICATE----- MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjELMAkGA1UEBhMC VVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVz ZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmlj YXRpb24gQXV0aG9yaXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjEL MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBU cnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRo b3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5 IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8 Utpkmw4tXNherJI9/gHmGUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGz rl0Bp3vefLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEw HzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24u Y29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMWkf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMD A2gAMGUCMGYhDBgmYFo4e1ZC4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIx AJw9SDkjOVgaFRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== -----END CERTIFICATE----- NetLock Arany (Class Gold) Főtanúsítvány ======================================== -----BEGIN CERTIFICATE----- MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610 dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBB cmFueSAoQ2xhc3MgR29sZCkgRsWRdGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgx MjA2MTUwODIxWjCBpzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxO ZXRMb2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlv biBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRhbsO6 c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu 0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrTlF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw /HpYzY6b7cNGbIRwXdrzAZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAk H3B5r9s5VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRGILdw fzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2BJtr+UBdADTHLpl1 neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIB BjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2MU9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwW qZw8UQCgwBEIBaeZ5m8BiFRhbvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTta YtOUZcTh5m2C+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2FuLjbvrW5Kfna NwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2XjG4Kvte9nHfRCaexOYNkbQu dZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= -----END CERTIFICATE----- Staat der Nederlanden Root CA - G2 ================================== -----BEGIN CERTIFICATE----- MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g Um9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oXDTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMC TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ 5291qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8SpuOUfiUtn vWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPUZ5uW6M7XxgpT0GtJlvOj CwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvEpMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiil e7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCR OME4HYYEhLoaJXhena/MUGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpI CT0ugpTNGmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy5V65 48r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv6q012iDTiIJh8BIi trzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEKeN5KzlW/HdXZt1bv8Hb/C3m1r737 qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMB AAGjgZcwgZQwDwYDVR0TAQH/BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcC ARYxaHR0cDovL3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqGSIb3DQEBCwUA A4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLySCZa59sCrI2AGeYwRTlHSeYAz +51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwj f/ST7ZwaUb7dRUG/kSS0H4zpX897IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaN kqbG9AclVMwWVxJKgnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfk CpYL+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxLvJxxcypF URmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkmbEgeqmiSBeGCc1qb3Adb CG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvkN1trSt8sV4pAWja63XVECDdCcAz+3F4h oKOKwJCcaNpQ5kUQR3i2TtJlycM33+FCY7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoV IPVVYpbtbZNQvOSqeK3Zywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm 66+KAQ== -----END CERTIFICATE----- Hongkong Post Root CA 1 ======================= -----BEGIN CERTIFICATE----- MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoT DUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMB4XDTAzMDUx NTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25n IFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1 ApzQjVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEnPzlTCeqr auh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjhZY4bXSNmO7ilMlHIhqqh qZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9nnV0ttgCXjqQesBCNnLsak3c78QA3xMY V18meMjWCnl3v/evt3a5pQuEF10Q6m/hq5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNV HRMBAf8ECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7i h9legYsCmEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI37pio l7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clBoiMBdDhViw+5Lmei IAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJsEhTkYY2sEJCehFC78JZvRZ+K88ps T/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpOfMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilT c4afU9hDDl3WY4JxHYB0yvbiAmvZWg== -----END CERTIFICATE----- SecureSign RootCA11 =================== -----BEGIN CERTIFICATE----- MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDErMCkGA1UEChMi SmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoGA1UEAxMTU2VjdXJlU2lnbiBS b290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSsw KQYDVQQKEyJKYXBhbiBDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1 cmVTaWduIFJvb3RDQTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvL TJszi1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8h9uuywGO wvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOVMdrAG/LuYpmGYz+/3ZMq g6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rP O7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitA bpSACW22s293bzUIUPsCh8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZX t94wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKCh OBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xmKbabfSVSSUOrTC4r bnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQX5Ucv+2rIrVls4W6ng+4reV6G4pQ Oh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWrQbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01 y8hSyn+B/tlr0/cR7SXf+Of5pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061 lgeLKBObjBmNQSdJQO7e5iNEOdyhIta6A/I= -----END CERTIFICATE----- ACEDICOM Root ============= -----BEGIN CERTIFICATE----- MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UEAwwNQUNFRElD T00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMB4XDTA4 MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEWMBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoG A1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEF AAOCAg8AMIICCgKCAgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHk WLn709gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7XBZXehuD YAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5PGrjm6gSSrj0RuVFCPYew MYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAKt0SdE3QrwqXrIhWYENiLxQSfHY9g5QYb m8+5eaA9oiM/Qj9r+hwDezCNzmzAv+YbX79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbk HQl/Sog4P75n/TSW9R28MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTT xKJxqvQUfecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI2Sf2 3EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyHK9caUPgn6C9D4zq9 2Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEaeZAwUswdbxcJzbPEHXEUkFDWug/Fq TYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz 4SsrSbbXc6GqlPUB53NlTKxQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU 9QHnc2VMrFAwRAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWImfQwng4/F9tqg aHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3gvoFNTPhNahXwOf9jU8/kzJP eGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKeI6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1Pwk zQSulgUV1qzOMPPKC8W64iLgpq0i5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1 ThCojz2GuHURwCRiipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oI KiMnMCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZo5NjEFIq nxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6zqylfDJKZ0DcMDQj3dcE I2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacNGHk0vFQYXlPKNFHtRQrmjseCNj6nOGOp MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA== -----END CERTIFICATE----- Microsec e-Szigno Root CA 2009 ============================== -----BEGIN CERTIFICATE----- MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYDVQQGEwJIVTER MA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jv c2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o dTAeFw0wOTA2MTYxMTMwMThaFw0yOTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UE BwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUt U3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvPkd6mJviZpWNwrZuuyjNA fW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tccbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG 0IMZfcChEhyVbUr02MelTTMuhTlAdX4UfIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKA pxn1ntxVUwOXewdI/5n7N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm 1HxdrtbCxkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1+rUC AwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTLD8bf QkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAbBgNVHREE FDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0o lZMEyL/azXm4Q5DwpL7v8u8hmLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfX I/OMn74dseGkddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c2Pm2G2JwCz02 yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5tHMN1Rq41Bab2XD0h7lbwyYIi LXpUq3DDfSJlgnCW -----END CERTIFICATE----- GlobalSign Root CA - R3 ======================= -----BEGIN CERTIFICATE----- MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xv YmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh bFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT aWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWt iHL8RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsTgHeMCOFJ 0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmmKPZpO/bLyCiR5Z2KYVc3 rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zdQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjl OCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2 xmmFghcCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE FI/wS3+oLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZURUm7 lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMpjjM5RcOO5LlXbKr8 EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK6fBdRoyV3XpYKBovHd7NADdBj+1E bddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQXmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18 YIvDQVETI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7r kpeDMdmztcpHWD9f -----END CERTIFICATE----- Autoridad de Certificacion Firmaprofesional CIF A62634068 ========================================================= -----BEGIN CERTIFICATE----- MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UEBhMCRVMxQjBA BgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2 MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEyMzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIw QAYDVQQDDDlBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBB NjI2MzQwNjgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDD Utd9thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQMcas9UX4P B99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefGL9ItWY16Ck6WaVICqjaY 7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15iNA9wBj4gGFrO93IbJWyTdBSTo3OxDqqH ECNZXyAFGUftaI6SEspd/NYrspI8IM/hX68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyI plD9amML9ZMWGxmPsu2bm8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctX MbScyJCyZ/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirjaEbsX LZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/TKI8xWVvTyQKmtFLK bpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF6NkBiDkal4ZkQdU7hwxu+g/GvUgU vzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVhOSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1Ud EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNH DhpkLzCBpgYDVR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBvACAAZABlACAA bABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBlAGwAbwBuAGEAIAAwADgAMAAx ADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx 51tkljYyGOylMnfX40S2wBEqgLk9am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qk R71kMrv2JYSiJ0L1ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaP T481PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS3a/DTg4f Jl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5kSeTy36LssUzAKh3ntLFl osS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF3dvd6qJ2gHN99ZwExEWN57kci57q13XR crHedUTnQn3iV2t93Jm8PYMo6oCTjcVMZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoR saS8I8nkvof/uZS2+F0gStRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTD KCOM/iczQ0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQBjLMi 6Et8Vcad+qMUu2WFbm5PEn4KPJ2V -----END CERTIFICATE----- Izenpe.com ========== -----BEGIN CERTIFICATE----- MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQG EwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wHhcNMDcxMjEz MTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMu QS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ 03rKDx6sp4boFmVqscIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAK ClaOxdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6HLmYRY2xU +zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFXuaOKmMPsOzTFlUFpfnXC PCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQDyCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxT OTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbK F7jJeodWLBoBHmy+E60QrLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK 0GqfvEyNBjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8Lhij+ 0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIBQFqNeb+Lz0vPqhbB leStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+HMh3/1uaD7euBUbl8agW7EekFwID AQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2luZm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+ SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBG NjIgUzgxQzBBBgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O BBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUAA4ICAQB4pgwWSp9MiDrAyw6l Fn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWblaQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbga kEyrkgPH7UIBzg/YsfqikuFgba56awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8q hT/AQKM6WfxZSzwoJNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Cs g1lwLDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCTVyvehQP5 aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGkLhObNA5me0mrZJfQRsN5 nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJbUjWumDqtujWTI6cfSN01RpiyEGjkpTHC ClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZo Q0iy2+tzJOeRf1SktoA+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1Z WrOZyGlsQyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== -----END CERTIFICATE----- Chambers of Commerce Root - 2008 ================================ -----BEGIN CERTIFICATE----- MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJFVTFD MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu QS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEy Mjk1MFoXDTM4MDczMTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNl ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQF EwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJl cnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC AQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW928sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKA XuFixrYp4YFs8r/lfTJqVKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorj h40G072QDuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR5gN/ ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfLZEFHcpOrUMPrCXZk NNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05aSd+pZgvMPMZ4fKecHePOjlO+Bd5g D2vlGts/4+EhySnB8esHnFIbAURRPHsl18TlUlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331 lubKgdaX8ZSD6e2wsWsSaR6s+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ 0wlf2eOKNcx5Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAxhduub+84Mxh2 EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNVHQ4EFgQU+SSsD7K1+HnA+mCI G8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJ BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNh bWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENh bWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiC CQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH AgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAJASryI1 wqM58C7e6bXpeHxIvj99RZJe6dqxGfwWPJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH 3qLPaYRgM+gQDROpI9CF5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbU RWpGqOt1glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaHFoI6 M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2pSB7+R5KBWIBpih1 YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MDxvbxrN8y8NmBGuScvfaAFPDRLLmF 9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QGtjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcK zBIKinmwPQN/aUv0NCB9szTqjktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvG nrDQWzilm1DefhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZd0jQ -----END CERTIFICATE----- Global Chambersign Root - 2008 ============================== -----BEGIN CERTIFICATE----- MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYDVQQGEwJFVTFD MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu QS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMx NDBaFw0zODA3MzExMjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUg Y3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ QTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD aGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDf VtPkOpt2RbQT2//BthmLN0EYlVJH6xedKYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXf XjaOcNFccUMd2drvXNL7G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0 ZJJ0YPP2zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4ddPB /gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyGHoiMvvKRhI9lNNgA TH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2Id3UwD2ln58fQ1DJu7xsepeY7s2M H/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3VyJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfe Ox2YItaswTXbo6Al/3K1dh3ebeksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSF HTynyQbehP9r6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsogzCtLkykPAgMB AAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQWBBS5CcqcHtvTbDprru1U8VuT BjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UE BhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJm aXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJm aXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp 1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0 dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAICIf3DekijZBZRG /5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZUohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6 ReAJ3spED8IXDneRRXozX1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/s dZ7LoR/xfxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVza2Mg 9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yydYhz2rXzdpjEetrHH foUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMdSqlapskD7+3056huirRXhOukP9Du qqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9OAP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETr P3iZ8ntxPjzxmKfFGBI/5rsoM0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVq c5iJWzouE4gev8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z 09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B -----END CERTIFICATE----- Go Daddy Root Certificate Authority - G2 ======================================== -----BEGIN CERTIFICATE----- MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMu MTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8G A1UEAxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKDE6bFIEMBO4Tx5oVJnyfq 9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD +qK+ihVqf94Lw7YZFAXK6sOoBJQ7RnwyDfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutd fMh8+7ArU6SSYmlRJQVhGkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMl NAJWJwGRtDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEAAaNC MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9 BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmXWWcDYfF+OwYxdS2hII5PZYe096ac vNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r 5N9ss4UXnT3ZJE95kTXWXwTrgIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYV N8Gb5DKj7Tjo2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI4uJEvlz36hz1 -----END CERTIFICATE----- Starfield Root Certificate Authority - G2 ========================================= -----BEGIN CERTIFICATE----- MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s b2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0 eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAw DgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg VGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBB dXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3twQP89o/8ArFv W59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMgnLRJdzIpVv257IzdIvpy3Cdhl+72WoTs bhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNk N3mSwOxGXn/hbVNMYq/NHwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7Nf ZTD4p7dNdloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0HZbU JtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC AQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0GCSqGSIb3DQEBCwUAA4IBAQARWfol TwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjUsHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx 4mcujJUDJi5DnUox9g61DLu34jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUw F5okxBDgBPfg8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1mMpYjn0q7pBZ c2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 -----END CERTIFICATE----- Starfield Services Root Certificate Authority - G2 ================================================== -----BEGIN CERTIFICATE----- MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s b2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRl IEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNV BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxT dGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2VydmljZXMg Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20pOsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2 h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm28xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4Pa hHQUw2eeBGg6345AWh1KTs9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLP LJGmpufehRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk6mFB rMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAwDwYDVR0TAQH/BAUw AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMA0GCSqG SIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMIbw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPP E95Dz+I0swSdHynVv/heyNXBve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTy xQGjhdByPq1zqwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn0q23KXB56jza YyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCNsSi6 -----END CERTIFICATE----- AffirmTrust Commercial ====================== -----BEGIN CERTIFICATE----- MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxFDAS BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMB4XDTEw MDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6Eqdb DuKPHx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yrba0F8PrV C8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPALMeIrJmqbTFeurCA+ukV6 BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1yHp52UKqK39c/s4mT6NmgTWvRLpUHhww MmWd5jyTXlBOeuM61G7MGvv50jeuJCqrVwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNV HQ4EFgQUnZPGU4teyq8/nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC AQYwDQYJKoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYGXUPG hi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNjvbz4YYCanrHOQnDi qX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivtZ8SOyUOyXGsViQK8YvxO8rUzqrJv 0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9gN53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0kh sUlHRUe072o0EclNmsxZt9YCnlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= -----END CERTIFICATE----- AffirmTrust Networking ====================== -----BEGIN CERTIFICATE----- MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UEBhMCVVMxFDAS BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMB4XDTEw MDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SE Hi3yYJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbuakCNrmreI dIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRLQESxG9fhwoXA3hA/Pe24 /PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gb h+0t+nvujArjqWaJGctB+d1ENmHP4ndGyH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNV HQ4EFgQUBx/S55zawm6iQLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC AQYwDQYJKoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfOtDIu UFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzuQY0x2+c06lkh1QF6 12S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZLgo/bNjR9eUJtGxUAArgFU2HdW23 WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4uolu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9 /ZFvgrG+CJPbFEfxojfHRZ48x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= -----END CERTIFICATE----- AffirmTrust Premium =================== -----BEGIN CERTIFICATE----- MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UEBhMCVVMxFDAS BgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMB4XDTEwMDEy OTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRy dXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAxBLfqV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtn BKAQJG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ+jjeRFcV 5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrSs8PhaJyJ+HoAVt70VZVs +7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmd GPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d770O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5R p9EixAqnOEhss/n/fauGV+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NI S+LI+H+SqHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S5u04 6uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4IaC1nEWTJ3s7xgaVY5 /bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TXOwF0lkLgAOIua+rF7nKsu7/+6qqo +Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYEFJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB /wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByv MiPIs0laUZx2KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B8OWycvpEgjNC 6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQMKSOyARiqcTtNd56l+0OOF6S L5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK +4w1IX2COPKpVJEZNZOUbWo6xbLQu4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmV BtWVyuEklut89pMFu+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFg IxpHYoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8GKa1qF60 g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaORtGdFNrHF+QFlozEJLUb zxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6eKeC2uAloGRwYQw== -----END CERTIFICATE----- AffirmTrust Premium ECC ======================= -----BEGIN CERTIFICATE----- MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMCVVMxFDASBgNV BAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQcmVtaXVtIEVDQzAeFw0xMDAx MjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1U cnVzdDEgMB4GA1UEAwwXQWZmaXJtVHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQA IgNiAAQNMF4bFZ0D0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQ N8O9ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0GA1UdDgQW BBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAK BggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/VsaobgxCd05DhT1wV/GzTjxi+zygk8N53X 57hG8f2h4nECMEJZh0PUUd+60wkyWs6Iflc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKM eQ== -----END CERTIFICATE----- Certum Trusted Network CA ========================= -----BEGIN CERTIFICATE----- MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBMMSIwIAYDVQQK ExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv biBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIy MTIwNzM3WhcNMjkxMjMxMTIwNzM3WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBU ZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 MSIwIAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rHUV+rpDKmYYe2bg+G0jAC l/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LMTXPb865Px1bVWqeWifrzq2jUI4ZZJ88J J7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVUBBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4 fOQtf/WsX+sWn7Et0brMkUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0 cvW0QM8xAcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNVHRMB Af8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYw DQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15ysHhE49wcrwn9I0j6vSrEuVUEtRCj jSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfLI9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1 mS1FhIrlQgnXdAIv94nYmem8J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5aj Zt3hrvJBW8qYVoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= -----END CERTIFICATE----- Certinomis - Autorité Racine ============================ -----BEGIN CERTIFICATE----- MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg LSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkG A1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYw JAYDVQQDDB1DZXJ0aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jYF1AMnmHa wE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N8y4oH3DfVS9O7cdxbwly Lu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWerP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw 2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92N jMD2AR5vpTESOH2VwnHu7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9q c1pkIuVC28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6lSTC lrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1Enn1So2+WLhl+HPNb xxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB0iSVL1N6aaLwD4ZFjliCK0wi1F6g 530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql095gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna 4NH4+ej9Uji29YnfAgMBAAGjWzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G A1UdDgQWBBQNjLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9sov3/4gbIOZ/x WqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZMOH8oMDX/nyNTt7buFHAAQCva R6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40 nJ+U8/aGH88bc62UeYdocMMzpXDn2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1B CxMjidPJC+iKunqjo3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjv JL1vnxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG5ERQL1TE qkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWqpdEdnV1j6CTmNhTih60b WfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZbdsLLO7XSAPCjDuGtbkD326C00EauFddE wk01+dIL8hf2rGbVJLJP0RyZwG71fet0BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/ vgt2Fl43N+bYdJeimUV5 -----END CERTIFICATE----- TWCA Root Certification Authority ================================= -----BEGIN CERTIFICATE----- MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJ VEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNh dGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMzWhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQG EwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NB IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFEAcK0HMMx QhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HHK3XLfJ+utdGdIzdjp9xC oi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeXRfwZVzsrb+RH9JlF/h3x+JejiB03HFyP 4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/zrX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1r y+UPizgN7gr8/g+YnzAx3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIB BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkqhkiG 9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeCMErJk/9q56YAf4lC mtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdlsXebQ79NqZp4VKIV66IIArB6nCWlW QtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62Dlhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVY T0bf+215WfKEIlKuD8z7fDvnaspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocny Yh0igzyXxfkZYiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== -----END CERTIFICATE----- Security Communication RootCA2 ============================== -----BEGIN CERTIFICATE----- MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDElMCMGA1UEChMc U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNh dGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoXDTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMC SlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3Vy aXR5IENvbW11bmljYXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ANAVOVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGrzbl+dp++ +T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVMVAX3NuRFg3sUZdbcDE3R 3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQhNBqyjoGADdH5H5XTz+L62e4iKrFvlNV spHEfbmwhRkGeC7bYRr6hfVKkaHnFtWOojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1K EOtOghY6rCcMU/Gt1SSwawNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8 QIH4D5csOPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB CwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpFcoJxDjrSzG+ntKEj u/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXcokgfGT+Ok+vx+hfuzU7jBBJV1uXk 3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6q tnRGEmyR7jTV7JqR50S+kDFy1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29 mvVXIwAHIRc/SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 -----END CERTIFICATE----- EC-ACC ====== -----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB8zELMAkGA1UE BhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2VydGlmaWNhY2lvIChOSUYgUS0w ODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYD VQQLEyxWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UE CxMsSmVyYXJxdWlhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMT BkVDLUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQGEwJFUzE7 MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8gKE5JRiBRLTA4MDExNzYt SSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZl Z2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJh cnF1aWEgRW50aXRhdHMgZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUND MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R85iK w5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm4CgPukLjbo73FCeT ae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaVHMf5NLWUhdWZXqBIoH7nF2W4onW4 HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNdQlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0a E9jD2z3Il3rucO2n5nzbcc8tlGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw 0JDnJwIDAQABo4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4opvpXY0wfwYD VR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBodHRwczovL3d3dy5jYXRjZXJ0 Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5l dC92ZXJhcnJlbCAwDQYJKoZIhvcNAQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJ lF7W2u++AVtd0x7Y/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNa Al6kSBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhyRp/7SNVe l+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2 E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D 5EI= -----END CERTIFICATE----- Hellenic Academic and Research Institutions RootCA 2011 ======================================================= -----BEGIN CERTIFICATE----- MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1IxRDBCBgNVBAoT O0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9y aXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z IFJvb3RDQSAyMDExMB4XDTExMTIwNjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYT AkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z IENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNo IEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPzdYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI 1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJfel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa 71HFK9+WXesyHgLacEnsbgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u 8yBRQlqD75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSPFEDH 3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNVHRMBAf8EBTADAQH/ MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp5dgTBCPuQSUwRwYDVR0eBEAwPqA8 MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQub3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQu b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVt XdMiKahsog2p6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7dIsXRSZMFpGD /md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8AcysNnq/onN694/BtZqhFLKPM58N 7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXIl7WdmplNsDz4SgCbZN2fOUvRJ9e4 -----END CERTIFICATE----- Actalis Authentication Root CA ============================== -----BEGIN CERTIFICATE----- MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCSVQxDjAM BgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UE AwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDky MjExMjIwMlowazELMAkGA1UEBhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlz IFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNvUTufClrJ wkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX4ay8IMKx4INRimlNAJZa by/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9KK3giq0itFZljoZUj5NDKd45RnijMCO6 zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1f YVEiVRvjRuPjPdA1YprbrxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2 oxgkg4YQ51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2Fbe8l EfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxeKF+w6D9Fz8+vm2/7 hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4Fv6MGn8i1zeQf1xcGDXqVdFUNaBr8 EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbnfpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5 jF66CyCU3nuDuP/jVo23Eek7jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLY iDrIn3hm7YnzezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQALe3KHwGCmSUyI WOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70jsNjLiNmsGe+b7bAEzlgqqI0 JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDzWochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKx K3JCaKygvU5a2hi/a5iB0P2avl4VSM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+ Xlff1ANATIGk0k9jpwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC 4yyXX04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+OkfcvHlXHo 2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7RK4X9p2jIugErsWx0Hbhz lefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btUZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXem OR/qnuOf0GZvBeyqdn6/axag67XH/JJULysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9 vwGYT7JZVEc+NHt4bVaTLnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== -----END CERTIFICATE----- Trustis FPS Root CA =================== -----BEGIN CERTIFICATE----- MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQG EwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQLExNUcnVzdGlzIEZQUyBSb290 IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTExMzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNV BAoTD1RydXN0aXMgTGltaXRlZDEcMBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQ RUN+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihHiTHcDnlk H5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjjvSkCqPoc4Vu5g6hBSLwa cY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zt o3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlBOrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEA AaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAd BgNVHQ4EFgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01GX2c GE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmWzaD+vkAMXBJV+JOC yinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP41BIy+Q7DsdwyhEQsb8tGD+pmQQ9P 8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZEf1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHV l/9D7S3B2l0pKoU/rGXuhg8FjZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYl iB6XzCGcKQENZetX2fNXlrtIzYE= -----END CERTIFICATE----- StartCom Certification Authority ================================ -----BEGIN CERTIFICATE----- MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 NjM3WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt 2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z 6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT 37uMdBNSSwIDAQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFulF2mHMMo0aEPQ Qa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCCATgwLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENv bW1lcmNpYWwgKFN0YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0 aGUgc2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0aWZpY2F0 aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t L3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBG cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5 fPGFf59Jb2vKXfuM/gTFwWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWm N3PH/UvSTa0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst0OcN Org+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNcpRJvkrKTlMeIFw6T tn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKlCcWw0bdT82AUuoVpaiF8H3VhFyAX e2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVFP0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA 2MFrLH9ZXF2RsXAiV+uKa0hK1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBs HvUwyKMQ5bLmKhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ8dCAWZvLMdib D4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnmfyWl8kgAwKQB2j8= -----END CERTIFICATE----- StartCom Certification Authority G2 =================================== -----BEGIN CERTIFICATE----- MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMN U3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg RzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UE ChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3Jp dHkgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8O o1XJJZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsDvfOpL9HG 4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnooD/Uefyf3lLE3PbfHkffi Aez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/Q0kGi4xDuFby2X8hQxfqp0iVAXV16iul Q5XqFYSdCI0mblWbq9zSOdIxHWDirMxWRST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbs O+wmETRIjfaAKxojAuuKHDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8H vKTlXcxNnw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM0D4L nMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/iUUjXuG+v+E5+M5iS FGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9Ha90OrInwMEePnWjFqmveiJdnxMa z6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHgTuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJ KoZIhvcNAQELBQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K 2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfXUfEpY9Z1zRbk J4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl6/2o1PXWT6RbdejF0mCy2wl+ JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG /+gyRr61M3Z3qAFdlsHB1b6uJcDJHgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTc nIhT76IxW1hPkWLIwpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/Xld blhYXzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5lIxKVCCIc l85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoohdVddLHRDiBYmxOlsGOm 7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulrso8uBtjRkcfGEvRM/TAXw8HaOFvjqerm obp573PYtlNXLfbQ4ddI -----END CERTIFICATE----- Buypass Class 2 Root CA ======================= -----BEGIN CERTIFICATE----- MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMiBSb290IENBMB4X DTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1owTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1 g1Lr6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPVL4O2fuPn 9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC911K2GScuVr1QGbNgGE41b /+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHxMlAQTn/0hpPshNOOvEu/XAFOBz3cFIqU CqTqc/sLUegTBxj6DvEr0VQVfTzh97QZQmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeff awrbD02TTqigzXsu8lkBarcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgI zRFo1clrUs3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLiFRhn Bkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRSP/TizPJhk9H9Z2vX Uq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN9SG9dKpN6nIDSdvHXx1iY8f93ZHs M+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxPAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD VR0OBBYEFMmAd+BikoL1RpzzuvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF AAOCAgEAU18h9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3tOluwlN5E40EI osHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo+fsicdl9sz1Gv7SEr5AcD48S aq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYd DnkM/crqJIByw5c/8nerQyIKx+u2DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWD LfJ6v9r9jv6ly0UsH8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0 oyLQI+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK75t98biGC wWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h3PFaTWwyI0PurKju7koS CTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPzY11aWOIv4x3kqdbQCtCev9eBCfHJxyYN rJgWVqA= -----END CERTIFICATE----- Buypass Class 3 Root CA ======================= -----BEGIN CERTIFICATE----- MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMyBSb290IENBMB4X DTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFowTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRH sJ8YZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3EN3coTRiR 5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9tznDDgFHmV0ST9tD+leh 7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX0DJq1l1sDPGzbjniazEuOQAnFN44wOwZ ZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH 2xc519woe2v1n/MuwU8XKhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV /afmiSTYzIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvSO1UQ RwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D34xFMFbG02SrZvPA Xpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgPK9Dx2hzLabjKSWJtyNBjYt1gD1iq j6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD VR0OBBYEFEe4zf/lb+74suwvTg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF AAOCAgEAACAjQTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXSIGrs/CIBKM+G uIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2HJLw5QY33KbmkJs4j1xrG0aG Q0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsaO5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8 ZORK15FTAaggiG6cX0S5y2CBNOxv033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2 KSb12tjE8nVhz36udmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz 6MkEkbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg413OEMXbug UZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvDu79leNKGef9JOxqDDPDe eOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq4/g7u9xN12TyUb7mqqta6THuBrxzvxNi Cp/HuZc= -----END CERTIFICATE----- T-TeleSec GlobalRoot Class 3 ============================ -----BEGIN CERTIFICATE----- MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgx MDAxMTAyOTU2WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN8ELg63iIVl6bmlQdTQyK 9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/RLyTPWGrTs0NvvAgJ1gORH8EGoel15YU NpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZF iP0Zf3WHHx+xGwpzJFu5ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W 0eDrXltMEnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGjQjBA MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1A/d2O2GCahKqGFPr AyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOyWL6ukK2YJ5f+AbGwUgC4TeQbIXQb fsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzT ucpH9sry9uetuUg/vBa3wW306gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7h P0HHRwA11fXT91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4pTpPDpFQUWw== -----END CERTIFICATE----- EE Certification Centre Root CA =============================== -----BEGIN CERTIFICATE----- MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQG EwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEoMCYGA1UEAwwfRUUgQ2Vy dGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIw MTAxMDMwMTAxMDMwWhgPMjAzMDEyMTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlB UyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRy ZSBSb290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUyeuuOF0+W2Ap7kaJjbMeM TC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvObntl8jixwKIy72KyaOBhU8E2lf/slLo2 rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIwWFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw 93X2PaRka9ZP585ArQ/dMtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtN P2MbRMNE1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYDVR0T AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/zQas8fElyalL1BSZ MEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEF BQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+Rj xY6hUFaTlrg4wCQiZrxTFGGVv9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqM lIpPnTX/dqQGE5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU 3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/vGVCJYMzpJJUPwssd8m92kMfM dcGWxZ0= -----END CERTIFICATE----- TURKTRUST Certificate Services Provider Root 2007 ================================================= -----BEGIN CERTIFICATE----- MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOcUktUUlVTVCBF bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP MA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4X DTA3MTIyNTE4MzcxOVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxl a3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMCVFIxDzAN BgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4gKGMpIEFyYWzEsWsgMjAwNzCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9N YvDdE3ePYakqtdTyuTFYKTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQv KUmi8wUG+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveGHtya KhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6PIzdezKKqdfcYbwnT rqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M733WB2+Y8a+xwXrXgTW4qhe04MsC AwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHkYb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAP BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/s Px+EnWVUXKgWAkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5mxRZNTZPz/OO Xl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsaXRik7r4EW5nVcV9VZWRi1aKb BFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZqxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAK poRq0Tl9 -----END CERTIFICATE----- D-TRUST Root Class 3 CA 2 2009 ============================== -----BEGIN CERTIFICATE----- MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQK DAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTAe Fw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NThaME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxE LVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOAD ER03UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42tSHKXzlA BF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9RySPocq60vFYJfxLLHLGv KZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsMlFqVlNpQmvH/pStmMaTJOKDfHR+4CS7z p+hnUquVH+BGPtikw8paxTGA6Eian5Rp/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUC AwEAAaOCARowggEWMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ 4PGEMA4GA1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVjdG9y eS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUyMENBJTIwMiUyMDIw MDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwQ6BBoD+G PWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAw OS5jcmwwDQYJKoZIhvcNAQELBQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm 2H6NMLVwMeniacfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4KzCUqNQT4YJEV dT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8PIWmawomDeCTmGCufsYkl4ph X5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3YJohw1+qRzT65ysCQblrGXnRl11z+o+I= -----END CERTIFICATE----- D-TRUST Root Class 3 CA 2 EV 2009 ================================= -----BEGIN CERTIFICATE----- MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw OTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUwNDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfS egpnljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM03TP1YtHh zRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6ZqQTMFexgaDbtCHu39b+T 7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lRp75mpoo6Kr3HGrHhFPC+Oh25z1uxav60 sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure35 11H3a6UCAwEAAaOCASQwggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyv cop9NteaHNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFwOi8v ZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El MjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRp b25saXN0MEagRKBChkBodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xh c3NfM19jYV8yX2V2XzIwMDkuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+ PPoeUSbrh/Yp3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNFCSuGdXzfX2lX ANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7naxpeG0ILD5EJt/rDiZE4OJudA NCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqXKVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVv w9y4AyHqnxbxLFS1 -----END CERTIFICATE----- PSCProcert ========== -----BEGIN CERTIFICATE----- MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1dG9yaWRhZCBk ZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9sYW5vMQswCQYDVQQGEwJWRTEQ MA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlzdHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lz dGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBl cmludGVuZGVuY2lhIGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUw IwYJKoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEwMFoXDTIw MTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHByb2NlcnQubmV0LnZlMQ8w DQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGExKjAoBgNVBAsTIVByb3ZlZWRvciBkZSBD ZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZp Y2FjaW9uIEVsZWN0cm9uaWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo97BVC wfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74BCXfgI8Qhd19L3uA 3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38GieU89RLAu9MLmV+QfI4tL3czkkoh RqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmO EO8GqQKJ/+MMbpfg353bIdD0PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG2 0qCZyFSTXai20b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH 0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/6mnbVSKVUyqU td+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1mv6JpIzi4mWCZDlZTOpx+FIyw Bm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvp r2uKGcfLFFb14dq12fy/czja+eevbqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/ AgEBMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAz Ni0wMB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFDgBStuyId xuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRp ZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQH EwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5h Y2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5k ZW5jaWEgZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG 9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQDAgEGME0GA1UdEQRG MESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0wMDAwMDKgGwYFYIZeAgKgEgwQUklG LUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEagRKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52 ZS9sY3IvQ0VSVElGSUNBRE8tUkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNy YWl6LnN1c2NlcnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsGAQUFBwIBFh5o dHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcNAQELBQADggIBACtZ6yKZu4Sq T96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmN g7+mvTV+LFwxNG9s2/NkAZiqlCxB3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4q uxtxj7mkoP3YldmvWb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1 n8GhHVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHmpHmJWhSn FFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXzsOfIt+FTvZLm8wyWuevo 5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bEqCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq 3TNWOByyrYDT13K9mmyZY+gAu0F2BbdbmRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5 poLWccret9W6aAjtmcz9opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3Y eMLEYC/HYvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km -----END CERTIFICATE----- China Internet Network Information Center EV Certificates Root ============================================================== -----BEGIN CERTIFICATE----- MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCQ04xMjAwBgNV BAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyMUcwRQYDVQQDDD5D aGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMg Um9vdDAeFw0xMDA4MzEwNzExMjVaFw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAG A1UECgwpQ2hpbmEgSW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMM PkNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRpZmljYXRl cyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z7r07eKpkQ0H1UN+U8i6y jUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV 98YPjUesWgbdYavi7NifFy2cyjw1l1VxzUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2H klY0bBoQCxfVWhyXWIQ8hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23 KzhmBsUs4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54ugQEC 7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oYNJKiyoOCWTAPBgNV HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfHJLOcfA22KlT5uqGDSSosqD glkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd5 0XPFtQO3WKwMVC/GVhMPMdoG52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM 7+czV0I664zBechNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrIzo9uoV1/A3U0 5K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATywy39FCqQmbkHzJ8= -----END CERTIFICATE----- Swisscom Root CA 2 ================== -----BEGIN CERTIFICATE----- MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQG EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2 MjUwNzM4MTRaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIIC IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvErjw0DzpPM LgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r0rk0X2s682Q2zsKwzxNo ysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJ wDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVPACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpH Wrumnf2U5NGKpV+GY3aFy6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1a SgJA/MTAtukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL6yxS NLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0uPoTXGiTOmekl9Ab mbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrALacywlKinh/LTSlDcX3KwFnUey7QY Ypqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velhk6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3 qPyZ7iVNTA6z00yPhOgpD/0QVAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw HQYDVR0hBBYwFDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqhb97iEoHF8Twu MA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4RfbgZPnm3qKhyN2abGu2sEzsO v2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ 82YqZh6NM4OKb3xuqFp1mrjX2lhIREeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLz o9v/tdhZsnPdTSpxsrpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcs a0vvaGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciATwoCqISxx OQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99nBjx8Oto0QuFmtEYE3saW mA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5Wt6NlUe07qxS/TFED6F+KBZvuim6c779o +sjaC+NCydAXFJy3SuCvkychVSa1ZC+N8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TC rvJcwhbtkj6EPnNgiLx29CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX 5OfNeOI5wSsSnqaeG8XmDtkx2Q== -----END CERTIFICATE----- Swisscom Root EV CA 2 ===================== -----BEGIN CERTIFICATE----- MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UE BhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdpdGFsIENlcnRpZmljYXRlIFNl cnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcN MzEwNjI1MDg0NTA4WjBnMQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsT HERpZ2l0YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYg Q0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7BxUglgRCgz o3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD1ycfMQ4jFrclyxy0uYAy Xhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPHoCE2G3pXKSinLr9xJZDzRINpUKTk4Rti GZQJo/PDvO/0vezbE53PnUgJUmfANykRHvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8Li qG12W0OfvrSdsyaGOx9/5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaH Za0zKcQvidm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHLOdAG alNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaCNYGu+HuB5ur+rPQa m3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f46Fq9mDU5zXNysRojddxyNMkM3Ox bPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCBUWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDi xzgHcgplwLa7JSnaFp6LNYth7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/ BAQDAgGGMB0GA1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWBbj2ITY1x0kbB bkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6xXCX5145v9Ydkn+0UjrgEjihL j6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98TPLr+flaYC/NUn81ETm484T4VvwYmneTwkLbU wp4wLh/vx3rEUMfqe9pQy3omywC0Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7 XwgiG/W9mR4U9s70WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH 59yLGn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm7JFe3VE/ 23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4Snr8PyQUQ3nqjsTzyP6Wq J3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VNvBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyA HmBR3NdUIR7KYndP+tiPsys6DXhyyWhBWkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/gi uMod89a2GQ+fYWVq6nTIfI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuW l8PVP3wbI+2ksx0WckNLIOFZfsLorSa/ovc= -----END CERTIFICATE----- CA Disig Root R1 ================ -----BEGIN CERTIFICATE----- MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNVBAYTAlNLMRMw EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp ZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQyMDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sx EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp c2lnIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy 3QRkD2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/oOI7bm+V8 u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3AfQ+lekLZWnDZv6fXARz2 m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJeIgpFy4QxTaz+29FHuvlglzmxZcfe+5nk CiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8noc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTa YVKvJrT1cU/J19IG32PK/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6 vpmumwKjrckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD3AjL LhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE7cderVC6xkGbrPAX ZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkCyC2fg69naQanMVXVz0tv/wQFx1is XxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLdqvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNV HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ 04IwDQYJKoZIhvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaASfX8MPWbTx9B LxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXoHqJPYNcHKfyyo6SdbhWSVhlM CrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpBemOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5Gfb VSUZP/3oNn6z4eGBrxEWi1CXYBmCAMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85 YmLLW1AL14FABZyb7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKS ds+xDzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvkF7mGnjix lAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqFa3qdnom2piiZk4hA9z7N UaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsTQ6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJ a7+h89n07eLw4+1knj0vllJPgFOL -----END CERTIFICATE----- CA Disig Root R2 ================ -----BEGIN CERTIFICATE----- MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAlNLMRMw EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp ZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQyMDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sx EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp c2lnIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbC w3OeNcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNHPWSb6Wia xswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3Ix2ymrdMxp7zo5eFm1tL7 A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbeQTg06ov80egEFGEtQX6sx3dOy1FU+16S GBsEWmjGycT6txOgmLcRK7fWV8x8nhfRyyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqV g8NTEQxzHQuyRpDRQjrOQG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa 5Beny912H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJQfYE koopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUDi/ZnWejBBhG93c+A Ak9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORsnLMOPReisjQS1n6yqEm70XooQL6i Fh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNV HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5u Qu0wDQYJKoZIhvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqfGopTpti72TVV sRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkblvdhuDvEK7Z4bLQjb/D907Je dR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W8 1k/BfDxujRNt+3vrMNDcTa/F1balTFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjx mHHEt38OFdAlab0inSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01 utI3gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18DrG5gPcFw0 sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3OszMOl6W8KjptlwlCFtaOg UxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8xL4ysEr3vQCj8KWefshNPZiTEUxnpHikV 7+ZtsH8tZ/3zbBt1RqPlShfppNcL -----END CERTIFICATE----- ACCVRAIZ1 ========= -----BEGIN CERTIFICATE----- MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UEAwwJQUNDVlJB SVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQswCQYDVQQGEwJFUzAeFw0xMTA1 MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQBgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwH UEtJQUNDVjENMAsGA1UECgwEQUNDVjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4IC DwAwggIKAoICAQCbqau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gM jmoYHtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWoG2ioPej0 RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpAlHPrzg5XPAOBOp0KoVdD aaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhrIA8wKFSVf+DuzgpmndFALW4ir50awQUZ 0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDG WuzndN9wrqODJerWx5eHk6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs7 8yM2x/474KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMOm3WR 5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpacXpkatcnYGMN285J 9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPluUsXQA+xtrn13k/c4LOsOxFwYIRK Q26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYIKwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRw Oi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEu Y3J0MB8GCCsGAQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeTVfZW6oHlNsyM Hj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIGCCsGAQUFBwICMIIBFB6CARAA QQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUAcgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBh AO0AegAgAGQAZQAgAGwAYQAgAEEAQwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUA YwBuAG8AbABvAGcA7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBj AHQAcgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAAQwBQAFMA IABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUAczAwBggrBgEFBQcCARYk aHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2MuaHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0 dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRtaW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2 MV9kZXIuY3JsMA4GA1UdDwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZI hvcNAQEFBQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdpD70E R9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gUJyCpZET/LtZ1qmxN YEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+mAM/EKXMRNt6GGT6d7hmKG9Ww7Y49 nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepDvV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJ TS+xJlsndQAJxGJ3KQhfnlmstn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3 sCPdK6jT2iWH7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szAh1xA2syVP1Xg Nce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xFd3+YJ5oyXSrjhO7FmGYvliAd 3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2HpPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3p EfbRD0tVNEYqi4Y7 -----END CERTIFICATE----- TWCA Global Root CA =================== -----BEGIN CERTIFICATE----- MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcxEjAQBgNVBAoT CVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMTVFdDQSBHbG9iYWwgUm9vdCBD QTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQK EwlUQUlXQU4tQ0ExEDAOBgNVBAsTB1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3Qg Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2C nJfF10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz0ALfUPZV r2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfChMBwqoJimFb3u/Rk28OKR Q4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbHzIh1HrtsBv+baz4X7GGqcXzGHaL3SekV tTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1W KKD+u4ZqyPpcC1jcxkt2yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99 sy2sbZCilaLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYPoA/p yJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQABDzfuBSO6N+pjWxn kjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcEqYSjMq+u7msXi7Kx/mzhkIyIqJdI zshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMC AQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6g cFGn90xHNcgL1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WFH6vPNOw/KP4M 8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNoRI2T9GRwoD2dKAXDOXC4Ynsg /eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlg lPx4mI88k1HtQJAH32RjJMtOcQWh15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryP A9gK8kxkRr05YuWW6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3m i4TWnsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5jwa19hAM8 EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWzaGHQRiapIVJpLesux+t3 zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmyKwbQBM0= -----END CERTIFICATE----- TeliaSonera Root CA v1 ====================== -----BEGIN CERTIFICATE----- MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAwNzEUMBIGA1UE CgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJvb3QgQ0EgdjEwHhcNMDcxMDE4 MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwW VGVsaWFTb25lcmEgUm9vdCBDQSB2MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+ 6yfwIaPzaSZVfp3FVRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA 3GV17CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+XZ75Ljo1k B1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+/jXh7VB7qTCNGdMJjmhn Xb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxH oLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkmdtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3 F0fUTPHSiXk+TT2YqGHeOh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJ oWjiUIMusDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4pgd7 gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fsslESl1MpWtTwEhDc TwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQarMCpgKIv7NHfirZ1fpoeDVNAgMB AAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qW DNXr+nuqF+gTEjANBgkqhkiG9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNm zqjMDfz1mgbldxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx 0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1TjTQpgcmLNkQfW pb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBedY2gea+zDTYa4EzAvXUYNR0PV G6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpc c41teyWRyu5FrgZLAMzTsVlQ2jqIOylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOT JsjrDNYmiLbAJM+7vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2 qReWt88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcnHL/EVlP6 Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVxSK236thZiNSQvxaz2ems WWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= -----END CERTIFICATE----- E-Tugra Certification Authority =============================== -----BEGIN CERTIFICATE----- MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNVBAYTAlRSMQ8w DQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamls ZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMw NTEyMDk0OFoXDTIzMDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmEx QDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxl cmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQD DB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEA4vU/kwVRHoViVF56C/UYB4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vd hQd2h8y/L5VMzH2nPbxHD5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5K CKpbknSFQ9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEoq1+g ElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3Dk14opz8n8Y4e0ypQ BaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcHfC425lAcP9tDJMW/hkd5s3kc91r0 E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsutdEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gz rt48Ue7LE3wBf4QOXVGUnhMMti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAq jqFGOjGY5RH8zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUXU8u3Zg5mTPj5 dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6Jyr+zE7S6E5UMA8GA1UdEwEB /wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEG MA0GCSqGSIb3DQEBCwUAA4ICAQAFNzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAK kEh47U6YA5n+KGCRHTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jO XKqYGwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c77NCR807 VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3+GbHeJAAFS6LrVE1Uweo a2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WKvJUawSg5TB9D0pH0clmKuVb8P7Sd2nCc dlqMQ1DujjByTd//SffGqWfZbawCEeI6FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEV KV0jq9BgoRJP3vQXzTLlyb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gT Dx4JnW2PAJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpDy4Q0 8ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8dNL/+I5c30jn6PQ0G C7TbO6Orb1wdtn7os4I07QZcJA== -----END CERTIFICATE----- T-TeleSec GlobalRoot Class 2 ============================ -----BEGIN CERTIFICATE----- MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgx MDAxMTA0MDE0WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUdAqSzm1nzHoqvNK38DcLZ SBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiCFoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/F vudocP05l03Sx5iRUKrERLMjfTlH6VJi1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx970 2cu+fjOlbpSD8DT6IavqjnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGV WOHAD3bZwI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGjQjBA MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/WSA2AHmgoCJrjNXy YdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhyNsZt+U2e+iKo4YFWz827n+qrkRk4 r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPACuvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNf vNoBYimipidx5joifsFvHZVwIEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR 3p1m0IvVVGb6g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN 9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlPBSeOE6Fuwg== -----END CERTIFICATE----- Atos TrustedRoot 2011 ===================== -----BEGIN CERTIFICATE----- MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UEAwwVQXRvcyBU cnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTAeFw0xMTA3MDcxNDU4 MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsG A1UECgwEQXRvczELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV hTuXbyo7LjvPpvMpNb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr 54rMVD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+SZFhyBH+ DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ4J7sVaE3IqKHBAUsR320 HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0Lcp2AMBYHlT8oDv3FdU9T1nSatCQujgKR z3bFmx5VdJx4IbHwLfELn8LVlhgf8FQieowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7R l+lwrrw7GWzbITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZ bNshMBgGA1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB CwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8jvZfza1zv7v1Apt+h k6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kPDpFrdRbhIfzYJsdHt6bPWHJxfrrh TZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pcmaHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a9 61qn8FYiqTxlVMYVqL2Gns2Dlmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G 3mB/ufNPRJLvKrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed -----END CERTIFICATE----- QuoVadis Root CA 1 G3 ===================== -----BEGIN CERTIFICATE----- MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQELBQAwSDELMAkG A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv b3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJN MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEg RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakE PBtVwedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWerNrwU8lm PNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF34168Xfuw6cwI2H44g4hWf6 Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh4Pw5qlPafX7PGglTvF0FBM+hSo+LdoIN ofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXpUhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/l g6AnhF4EwfWQvTA9xO+oabw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV 7qJZjqlc3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/GKubX 9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSthfbZxbGL0eUQMk1f iyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KOTk0k+17kBL5yG6YnLUlamXrXXAkg t3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOtzCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZI hvcNAQELBQADggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2cDMT/uFPpiN3 GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUNqXsCHKnQO18LwIE6PWThv6ct Tr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP +V04ikkwj+3x6xn0dxoxGE1nVGwvb2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh 3jRJjehZrJ3ydlo28hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fa wx/kNSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNjZgKAvQU6 O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhpq1467HxpvMc7hU6eFbm0 FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFtnh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOV hMJKzRwuJIczYOXD -----END CERTIFICATE----- QuoVadis Root CA 2 G3 ===================== -----BEGIN CERTIFICATE----- MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQELBQAwSDELMAkG A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv b3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJN MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIg RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFh ZiFfqq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMWn4rjyduY NM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ymc5GQYaYDFCDy54ejiK2t oIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+O7q414AB+6XrW7PFXmAqMaCvN+ggOp+o MiwMzAkd056OXbxMmO7FGmh77FOm6RQ1o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+l V0POKa2Mq1W/xPtbAd0jIaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZo L1NesNKqIcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz8eQQ sSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43ehvNURG3YBZwjgQQvD 6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l7ZizlWNof/k19N+IxWA1ksB8aRxh lRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALGcC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTAD AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZI hvcNAQELBQADggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RCroijQ1h5fq7K pVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0GaW/ZZGYjeVYg3UQt4XAoeo0L9 x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4nlv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgz dWqTHBLmYF5vHX/JHyPLhGGfHoJE+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6X U/IyAgkwo1jwDQHVcsaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+Nw mNtddbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNgKCLjsZWD zYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeMHVOyToV7BjjHLPj4sHKN JeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4WSr2Rz0ZiC3oheGe7IUIarFsNMkd7Egr O3jtZsSOeWmD3n+M -----END CERTIFICATE----- QuoVadis Root CA 3 G3 ===================== -----BEGIN CERTIFICATE----- MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQELBQAwSDELMAkG A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv b3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJN MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMg RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286 IxSR/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNuFoM7pmRL Mon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXRU7Ox7sWTaYI+FrUoRqHe 6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+cra1AdHkrAj80//ogaX3T7mH1urPnMNA3 I4ZyYUUpSFlob3emLoG+B01vr87ERRORFHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3U VDmrJqMz6nWB2i3ND0/kA9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f7 5li59wzweyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634RylsSqi Md5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBpVzgeAVuNVejH38DM dyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0QA4XN8f+MFrXBsj6IbGB/kE+V9/Yt rQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZI hvcNAQELBQADggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnIFUBhynLWcKzS t/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5WvvoxXqA/4Ti2Tk08HS6IT7SdEQ TXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFgu/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9Du DcpmvJRPpq3t/O5jrFc/ZSXPsoaP0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGib Ih6BJpsQBJFxwAYf3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmD hPbl8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+DhcI00iX 0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HNPlopNLk9hM6xZdRZkZFW dSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ywaZWWDYWGWVjUTR939+J399roD1B0y2 PpxxVJkES/1Y+Zj0 -----END CERTIFICATE----- DigiCert Assured ID Root G2 =========================== -----BEGIN CERTIFICATE----- MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgw MTE1MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSAn61UQbVH 35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4HteccbiJVMWWXvdMX0h5i89vq bFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9HpEgjAALAcKxHad3A2m67OeYfcgnDmCXRw VWmvo2ifv922ebPynXApVfSr/5Vh88lAbx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OP YLfykqGxvYmJHzDNw6YuYjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+Rn lTGNAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTO w0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPIQW5pJ6d1Ee88hjZv 0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I0jJmwYrA8y8678Dj1JGG0VDjA9tz d29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4GnilmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAW hsI6yLETcDbYz+70CjTVW0z9B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0M jomZmWzwPDCvON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo IhNzbM8m9Yop5w== -----END CERTIFICATE----- DigiCert Assured ID Root G3 =========================== -----BEGIN CERTIFICATE----- MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQswCQYDVQQGEwJV UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYD VQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQ BgcqhkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJfZn4f5dwb RXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17QRSAPWXYQ1qAk8C3eNvJs KTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgF UaFNN6KDec6NHSrkhDAKBggqhkjOPQQDAwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5Fy YZ5eEJJZVrmDxxDnOOlYJjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy 1vUhZscv6pZjamVFkpUBtA== -----END CERTIFICATE----- DigiCert Global Root G2 ======================= -----BEGIN CERTIFICATE----- MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUx MjAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI2/Ou8jqJ kTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx1x7e/dfgy5SDN67sH0NO 3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQq2EGnI/yuum06ZIya7XzV+hdG82MHauV BJVJ8zUtluNJbd134/tJS7SsVQepj5WztCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyM UNGPHgm+F6HmIcr9g+UQvIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQAB o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV5uNu 5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY1Yl9PMWLSn/pvtsr F9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4NeF22d+mQrvHRAiGfzZ0JFrabA0U WTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NGFdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBH QRFXGU7Aj64GxJUTFy8bJZ918rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/ iyK5S9kJRaTepLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl MrY= -----END CERTIFICATE----- DigiCert Global Root G3 ======================= -----BEGIN CERTIFICATE----- MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQswCQYDVQQGEwJV UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYD VQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAw MDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5k aWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0C AQYFK4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FGfp4tn+6O YwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPOZ9wj/wMco+I+o0IwQDAP BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNp Yim8S8YwCgYIKoZIzj0EAwMDaAAwZQIxAK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y 3maTD/HMsQmP3Wyr+mt/oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34 VOKa5Vt8sycX -----END CERTIFICATE----- DigiCert Trusted Root G4 ======================== -----BEGIN CERTIFICATE----- MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBiMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSEw HwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 MTIwMDAwWjBiMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3yithZwuEp pz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1Ifxp4VpX6+n6lXFllVcq9o k3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDVySAdYyktzuxeTsiT+CFhmzTrBcZe7Fsa vOvJz82sNEBfsXpm7nfISKhmV1efVFiODCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGY QJB5w3jHtrHEtWoYOAMQjdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6 MUSaM0C/CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCiEhtm mnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADMfRyVw4/3IbKyEbe7 f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QYuKZ3AeEPlAwhHbJUKSWJbOUOUlFH dL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXKchYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8 oR7FwI+isX4KJpn15GkvmB0t9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud DwEB/wQEAwIBhjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2SV1EY+CtnJYY ZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd+SeuMIW59mdNOj6PWTkiU0Tr yF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWcfFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy 7zBZLq7gcfJW5GqXb5JQbZaNaHqasjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iah ixTXTBmyUEFxPT9NcCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN 5r5N0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie4u1Ki7wb /UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mIr/OSmbaz5mEP0oUA51Aa 5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tK G48BtieVU+i2iW1bvGjUI+iLUaJW+fCmgKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP 82Z+ -----END CERTIFICATE----- WoSign ====== -----BEGIN CERTIFICATE----- MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQG EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNVBAMTIUNlcnRpZmljYXRpb24g QXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJ BgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNh dGlvbiBBdXRob3JpdHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA vcqNrLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1UfcIiePyO CbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcSccf+Hb0v1naMQFXQoOXXDX 2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2ZjC1vt7tj/id07sBMOby8w7gLJKA84X5 KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4Mx1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR +ScPewavVIMYe+HdVHpRaG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ez EC8wQjchzDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDaruHqk lWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221KmYo0SLwX3OSACCK2 8jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvASh0JWzko/amrzgD5LkhLJuYwTKVY yrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWvHYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0C AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R 8bNLtwYgFP6HEtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1 LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJMuYhOZO9sxXq T2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2eJXLOC62qx1ViC777Y7NhRCOj y+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VNg64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC 2nz4SNAzqfkHx5Xh9T71XXG68pWpdIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes 5cVAWubXbHssw1abR80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/ EaEQPkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGcexGATVdVh mVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+J7x6v+Db9NpSvd4MVHAx kUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMlOtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGi kpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWTee5Ehr7XHuQe+w== -----END CERTIFICATE----- WoSign China ============ -----BEGIN CERTIFICATE----- MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQG EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMMEkNBIOayg+mAmuagueiv geS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYD VQQKExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k 8H/rD195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld19AXbbQs5 uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExfv5RxadmWPgxDT74wwJ85 dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnkUkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5 Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+LNVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFy b7Ao65vh4YOhn0pdr8yb+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc 76DbT52VqyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6KyX2m +Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0GAbQOXDBGVWCvOGU6 yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaKJ/kR8slC/k7e3x9cxKSGhxYzoacX GKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud EwEB/wQFMAMBAf8wHQYDVR0OBBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUA A4ICAQBqinA4WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6 yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj/feTZU7n85iY r83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6jBAyvd0zaziGfjk9DgNyp115 j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0A kLppRQjbbpCBhqcqBT/mhDn4t/lXX0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97 qA4bLJyuQHCH2u2nFoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Y jj4Du9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10lO1Hm13ZB ONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Leie2uPAmvylezkolwQOQv T8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR12KvxAmLBsX5VYc8T1yaw15zLKYs4SgsO kI26oQ== -----END CERTIFICATE----- COMODO RSA Certification Authority ================================== -----BEGIN CERTIFICATE----- MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCBhTELMAkGA1UE BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlv biBBdXRob3JpdHkwHhcNMTAwMTE5MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMC R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBB dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR6FSS0gpWsawNJN3Fz0Rn dJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8Xpz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZ FGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+ 5eNu/Nio5JIk2kNrYrhV/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pG x8cgoLEfZd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z+pUX 2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7wqP/0uK3pN/u6uPQL OvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZahSL0896+1DSJMwBGB7FY79tOi4lu3 sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVICu9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+C GCe01a60y1Dma/RMhnEw6abfFobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5 WdYgGq/yapiqcrxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w DQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvlwFTPoCWOAvn9sKIN9SCYPBMt rFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+ nq6PK7o9mfjYcwlYRm6mnPTXJ9OV2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSg tZx8jb8uk2IntznaFxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwW sRqZCuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiKboHGhfKp pC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmckejkk9u+UJueBPSZI9FoJA zMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yLS0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHq ZJx64SIDqZxubw5lT2yHh17zbqD5daWbQOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk52 7RH89elWsn2/x20Kk4yl0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7I LaZRfyHBNVOFBkpdn627G190 -----END CERTIFICATE----- USERTrust RSA Certification Authority ===================================== -----BEGIN CERTIFICATE----- MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UE BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh dGlvbiBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UE BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCAEmUXNg7D2wiz 0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2j Y0K2dvKpOyuR+OJv0OwWIJAJPuLodMkYtJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFn RghRy4YUVD+8M/5+bJz/Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O +T23LLb2VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT79uq /nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6c0Plfg6lZrEpfDKE Y1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmTYo61Zs8liM2EuLE/pDkP2QKe6xJM lXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97lc6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8 yexDJtC/QV9AqURE9JnnV4eeUB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+ eLf8ZxXhyVeEHg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF MAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPFUp/L+M+ZBn8b2kMVn54CVVeW FPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KOVWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ 7l8wXEskEVX/JJpuXior7gtNn3/3ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQ Eg9zKC7F4iRO/Fjs8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM 8WcRiQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYzeSf7dNXGi FSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZXHlKYC6SQK5MNyosycdi yA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9c J2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRBVXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGw sAvgnEzDHNb842m1R0aBL6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gx Q+6IHdfGjjxDah2nGN59PRbxYvnKkKj9 -----END CERTIFICATE----- USERTrust ECC Certification Authority ===================================== -----BEGIN CERTIFICATE----- MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDELMAkGA1UEBhMC VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv biBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMC VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqfloI+d61SRvU8Za2EurxtW2 0eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinngo4N+LZfQYcTxmdwlkWOrfzCjtHDix6Ez nPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNV HQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBB HU6+4WMBzzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbWRNZu 9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= -----END CERTIFICATE----- GlobalSign ECC Root CA - R4 =========================== -----BEGIN CERTIFICATE----- MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEkMCIGA1UECxMb R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD EwpHbG9iYWxTaWduMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprl OQcJFspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAwDgYDVR0P AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61FuOJAf/sKbvu+M8k8o4TV MAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGXkPoUVy0D7O48027KqGx2vKLeuwIgJ6iF JzWbVsaj8kfSt24bAgAXqmemFZHe+pTsewv4n4Q= -----END CERTIFICATE----- GlobalSign ECC Root CA - R5 =========================== -----BEGIN CERTIFICATE----- MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEkMCIGA1UECxMb R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD EwpHbG9iYWxTaWduMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6 SFkc8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8kehOvRnkmS h5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAd BgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYIKoZIzj0EAwMDaAAwZQIxAOVpEslu28Yx uglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7 yFz9SO8NdCKoCOJuxUnOxwy8p2Fp8fc74SrL+SvzZpA3 -----END CERTIFICATE----- Staat der Nederlanden Root CA - G3 ================================== -----BEGIN CERTIFICATE----- MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g Um9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloXDTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMC TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4y olQPcPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WWIkYFsO2t x1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqXxz8ecAgwoNzFs21v0IJy EavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFyKJLZWyNtZrVtB0LrpjPOktvA9mxjeM3K Tj215VKb8b475lRgsGYeCasH/lSJEULR9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUur mkVLoR9BvUhTFXFkC4az5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU5 1nus6+N86U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7Ngzp 07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHPbMk7ccHViLVlvMDo FxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXtBznaqB16nzaeErAMZRKQFWDZJkBE 41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTtXUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMB AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleu yjWcLhL75LpdINyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwpLiniyMMB8jPq KqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8Ipf3YF3qKS9Ysr1YvY2WTxB1 v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixpgZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA 8KCWAg8zxXHzniN9lLf9OtMJgwYh/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b 8KKaa8MFSu1BYBQw0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0r mj1AfsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq4BZ+Extq 1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR1VmiiXTTn74eS9fGbbeI JG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/QFH1T/U67cjF68IeHRaVesd+QnGTbksV tzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM94B7IWcnMFk= -----END CERTIFICATE----- Staat der Nederlanden EV Root CA ================================ -----BEGIN CERTIFICATE----- MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJOTDEeMBwGA1UE CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4g RVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0yMjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5M MR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRl cmxhbmRlbiBFViBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkk SzrSM4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nCUiY4iKTW O0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3dZ//BYY1jTw+bbRcwJu+r 0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46prfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8 Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13lpJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gV XJrm0w912fxBmJc+qiXbj5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr 08C+eKxCKFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS/ZbV 0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0XcgOPvZuM5l5Tnrmd 74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH1vI4gnPah1vlPNOePqc7nvQDs/nx fRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrPpx9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNC MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwa ivsnuL8wbqg7MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u2dfOWBfoqSmu c0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHSv4ilf0X8rLiltTMMgsT7B/Zq 5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTCwPTxGfARKbalGAKb12NMcIxHowNDXLldRqAN b/9Zjr7dn3LDWyvfjFvO5QxGbJKyCqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tN f1zuacpzEPuKqf2evTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi 5Dp6Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIaGl6I6lD4 WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeLeG9QgkRQP2YGiqtDhFZK DyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGy eUN51q1veieQA6TqJIc/2b3Z6fJfUEkc7uzXLg== -----END CERTIFICATE----- IdenTrust Commercial Root CA 1 ============================== -----BEGIN CERTIFICATE----- MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQG EwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBS b290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQwMTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzES MBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENB IDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ld hNlT3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU+ehcCuz/ mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gpS0l4PJNgiCL8mdo2yMKi 1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1bVoE/c40yiTcdCMbXTMTEl3EASX2MN0C XZ/g1Ue9tOsbobtJSdifWwLziuQkkORiT0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl 3ZBWzvurpWCdxJ35UrCLvYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzy NeVJSQjKVsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZKdHzV WYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHTc+XvvqDtMwt0viAg xGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hvl7yTmvmcEpB4eoCHFddydJxVdHix uuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5NiGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZI hvcNAQELBQADggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH 6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwtLRvM7Kqas6pg ghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93nAbowacYXVKV7cndJZ5t+qnt ozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmV YjzlVYA211QC//G5Xc7UI2/YRYRKW2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUX feu+h1sXIFRRk0pTAwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/ro kTLql1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG4iZZRHUe 2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZmUlO+KWA2yUPHGNiiskz Z2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7R cGzM7vRX+Bi6hG6H -----END CERTIFICATE----- IdenTrust Public Sector Root CA 1 ================================= -----BEGIN CERTIFICATE----- MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQG EwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3Rv ciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcNMzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJV UzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBS b290IENBIDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTy P4o7ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGyRBb06tD6 Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlSbdsHyo+1W/CD80/HLaXI rcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF/YTLNiCBWS2ab21ISGHKTN9T0a9SvESf qy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoS mJxZZoY+rfGwyj4GD3vwEUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFn ol57plzy9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9VGxyh LrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ2fjXctscvG29ZV/v iDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsVWaFHVCkugyhfHMKiq3IXAAaOReyL 4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gDW/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8B Af8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMw DQYJKoZIhvcNAQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHVDRDtfULAj+7A mgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9TaDKQGXSc3z1i9kKlT/YPyNt GtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8GlwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFt m6/n6J91eEyrRjuazr8FGF1NFTwWmhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMx NRF4eKLg6TCMf4DfWN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4 Mhn5+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJtshquDDI ajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhAGaQdp/lLQzfcaFpPz+vC ZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ 3Wl9af0AVqW3rLatt8o+Ae+c -----END CERTIFICATE----- Entrust Root Certification Authority - G2 ========================================= -----BEGIN CERTIFICATE----- MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMCVVMxFjAUBgNV BAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVy bXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ug b25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIw HhcNMDkwNzA3MTcyNTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoT DUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMx OTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25s eTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP /vaCeb9zYQYKpSfYs1/TRU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXz HHfV1IWNcCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hWwcKU s/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1U1+cPvQXLOZprE4y TGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0jaWvYkxN4FisZDQSA/i2jZRjJKRx AgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ6 0B7vfec7aVHUbI2fkBJmqzANBgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5Z iXMRrEPR9RP/jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v1fN2D807iDgi nWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4RnAuknZoh8/CbCzB428Hch0P+ vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmHVHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xO e4pIb4tF9g== -----END CERTIFICATE----- Entrust Root Certification Authority - EC1 ========================================== -----BEGIN CERTIFICATE----- MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkGA1UEBhMCVVMx FjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVn YWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXpl ZCB1c2Ugb25seTEzMDEGA1UEAxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 IC0gRUMxMB4XDTEyMTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYw FAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2Fs LXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQg dXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt IEVDMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHy AsWfoPZb1YsGGYZPUxBtByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef 9eNi1KlHBz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE FLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVCR98crlOZF7ZvHH3h vxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nXhTcGtXsI/esni0qU+eH6p44mCOh8 kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G -----END CERTIFICATE----- CFCA EV ROOT ============ -----BEGIN CERTIFICATE----- MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJDTjEwMC4GA1UE CgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNB IEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkxMjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEw MC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQD DAxDRkNBIEVWIFJPT1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnV BU03sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpLTIpTUnrD 7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5/ZOkVIBMUtRSqy5J35DN uF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp7hZZLDRJGqgG16iI0gNyejLi6mhNbiyW ZXvKWfry4t3uMCz7zEasxGPrb382KzRzEpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7 xzbh72fROdOXW3NiGUgthxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9f py25IGvPa931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqotaK8K gWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNgTnYGmE69g60dWIol hdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfVPKPtl8MeNPo4+QgO48BdK4PRVmrJ tqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hvcWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAf BgNVHSMEGDAWgBTj/i39KNALtbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB /wQEAwIBBjAdBgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObTej/tUxPQ4i9q ecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdLjOztUmCypAbqTuv0axn96/Ua 4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBSESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sG E5uPhnEFtC+NiWYzKXZUmhH4J/qyP5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfX BDrDMlI1Dlb4pd19xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjn aH9dCi77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN5mydLIhy PDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe/v5WOaHIz16eGWRGENoX kbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+ZAAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3C ekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su -----END CERTIFICATE----- TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5 ==================================================== -----BEGIN CERTIFICATE----- MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCVFIxDzAN BgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1Qg RWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAw ODA3MDFaFw0yMzA0MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0w SwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE n2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBFbGVrdHJvbmlrIFNlcnRp ZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEApCUZ4WWe60ghUEoI5RHwWrom/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537 jVJp45wnEFPzpALFp/kRGml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1m ep5Fimh34khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z5UNP 9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0hO8EuPbJbKoCPrZV 4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QIDAQABo0IwQDAdBgNVHQ4EFgQUVpkH HtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI hvcNAQELBQADggEBAJ5FdnsXSDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPo BP5yCccLqh0lVX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nfpeYVhDfwwvJl lpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CFYv4HAqGEVka+lgqaE9chTLd8 B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW+qtB4Uu2NQvAmxU= -----END CERTIFICATE----- TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6 ==================================================== -----BEGIN CERTIFICATE----- MIIEJjCCAw6gAwIBAgIGfaHyZeyKMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYDVQQGEwJUUjEPMA0G A1UEBwwGQW5rYXJhMU0wSwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmls acWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg2MB4XDTEzMTIxODA5 MDQxMFoXDTIzMTIxNjA5MDQxMFowgbExCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExTTBL BgNVBAoMRFTDnFJLVFJVU1QgQmlsZ2kgxLBsZXRpxZ9pbSB2ZSBCaWxpxZ9pbSBHw7x2ZW5sacSf aSBIaXptZXRsZXJpIEEuxZ4uMUIwQAYDVQQDDDlUw5xSS1RSVVNUIEVsZWt0cm9uaWsgU2VydGlm aWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLEgSDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCdsGjW6L0UlqMACprx9MfMkU1xeHe59yEmFXNRFpQJRwXiM/VomjX/3EsvMsew7eKC5W/a 2uqsxgbPJQ1BgfbBOCK9+bGlprMBvD9QFyv26WZV1DOzXPhDIHiTVRZwGTLmiddk671IUP320EED wnS3/faAz1vFq6TWlRKb55cTMgPp1KtDWxbtMyJkKbbSk60vbNg9tvYdDjTu0n2pVQ8g9P0pu5Fb HH3GQjhtQiht1AH7zYiXSX6484P4tZgvsycLSF5W506jM7NE1qXyGJTtHB6plVxiSvgNZ1GpryHV +DKdeboaX+UEVU0TRv/yz3THGmNtwx8XEsMeED5gCLMxAgMBAAGjQjBAMB0GA1UdDgQWBBTdVRcT 9qzoSCHK77Wv0QAy7Z6MtTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG 9w0BAQsFAAOCAQEAb1gNl0OqFlQ+v6nfkkU/hQu7VtMMUszIv3ZnXuaqs6fvuay0EBQNdH49ba3R fdCaqaXKGDsCQC4qnFAUi/5XfldcEQlLNkVS9z2sFP1E34uXI9TDwe7UU5X+LEr+DXCqu4svLcsy o4LyVN/Y8t3XSHLuSqMplsNEzm61kod2pLv0kmzOLBQJZo6NrRa1xxsJYTvjIKIDgI6tflEATseW hvtDmHd9KMeP2Cpu54Rvl0EpABZeTeIT6lnAY2c6RPuY/ATTMHKm9ocJV612ph1jmv3XZch4gyt1 O6VbuA1df74jrlZVlFjvH4GMKrLN5ptjnhi85WsGtAuYSyher4hYyw== -----END CERTIFICATE----- Certinomis - Root CA ==================== -----BEGIN CERTIFICATE----- MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjETMBEGA1UEChMK Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAbBgNVBAMTFENlcnRpbm9taXMg LSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMzMTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIx EzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRD ZXJ0aW5vbWlzIC0gUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQos P5L2fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJflLieY6pOo d5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQVWZUKxkd8aRi5pwP5ynap z8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDFTKWrteoB4owuZH9kb/2jJZOLyKIOSY00 8B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09x RLWtwHkziOC/7aOgFLScCbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE 6OXWk6RiwsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJwx3t FvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SGm/lg0h9tkQPTYKbV PZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4F2iw4lNVYC2vPsKD2NkJK/DAZNuH i5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZngWVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGj YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I 6tNxIqSSaHh02TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/0KGRHCwPT5iV WVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWwF6YSjNRieOpWauwK0kDDPAUw Pk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZSg081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAX lCOotQqSD7J6wWAsOMwaplv/8gzjqh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJ y29SWwNyhlCVCNSNh4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9 Iff/ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8Vbtaw5Bng DwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwjY/M50n92Uaf0yKHxDHYi I0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nM cyrDflOR1m749fPH0FFNjkulW+YZFzvWgQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVr hkIGuUE= -----END CERTIFICATE----- OISTE WISeKey Global Root GB CA =============================== -----BEGIN CERTIFICATE----- MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBtMQswCQYDVQQG EwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAw MzJaFw0zOTEyMDExNTEwMzFaMG0xCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYD VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEds b2JhbCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3HEokKtaX scriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGxWuR51jIjK+FTzJlFXHtP rby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk 9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNku7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4o Qnc/nSMbsrY9gBQHTC5P99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvg GUpuuy9rM2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB /zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZI hvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrghcViXfa43FK8+5/ea4n32cZiZBKpD dHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0 VQreUGdNZtGn//3ZwLWoo4rOZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEui HZeeevJuQHHfaPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= -----END CERTIFICATE----- Certification Authority of WoSign G2 ==================================== -----BEGIN CERTIFICATE----- MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQG EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNVBAMTJENlcnRpZmljYXRpb24g QXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgx CzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlm aWNhdGlvbiBBdXRob3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPXJYY1kBai XW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgOgHzKtB0TiGsOqCR3A9Du W/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg9 5k4ot+vElbGs/V6r+kHLXZ1L3PR8du9nfwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BK v0mUYQs4kI9dJGwlezt52eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJKoZI hvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8fHulwqZm46qwtyeY P0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G3CE4Q3RM+zD4F3LBMvzIkRfEzFg3 TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yySrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu +sif/a+RZQp4OBXllxcU3fngLDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+ 7Q9LGOHSJDy7XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg= -----END CERTIFICATE----- CA WoSign ECC Root ================== -----BEGIN CERTIFICATE----- MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQswCQYDVQQGEwJD TjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMTEkNBIFdvU2lnbiBFQ0MgUm9v dDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQK ExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZI zj0CAQYFK4EEACIDYgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiU t5v8KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES1ns2o0Iw QDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqv3VWqP2h4syhf3R MluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0 Daupn75OcsqF1NnstTJFGG+rrQIwfcf3aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYu a/GRspBl9JrmkO5K -----END CERTIFICATE----- SZAFIR ROOT CA2 =============== -----BEGIN CERTIFICATE----- MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQELBQAwUTELMAkG A1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6ZW5pb3dhIFMuQS4xGDAWBgNV BAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkwNzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJ BgNVBAYTAlBMMSgwJgYDVQQKDB9LcmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYD VQQDDA9TWkFGSVIgUk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5Q qEvNQLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT3PSQ1hNK DJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw3gAeqDRHu5rr/gsUvTaE 2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr63fE9biCloBK0TXC5ztdyO4mTp4CEHCdJ ckm1/zuVnsHMyAHs6A6KCpbns6aH5db5BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwi ieDhZNRnvDF5YTy7ykHNXGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsFAAOC AQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw8PRBEew/R40/cof5 O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOGnXkZ7/e7DDWQw4rtTw/1zBLZpD67 oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCPoky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul 4+vJhaAlIDf7js4MNIThPIGyd05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6 +/NNIxuZMzSgLvWpCz/UXeHPhJ/iGcJfitYgHuNztw== -----END CERTIFICATE----- Certum Trusted Network CA 2 =========================== -----BEGIN CERTIFICATE----- MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UE BhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1 bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIGA1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29y ayBDQSAyMCIYDzIwMTExMDA2MDgzOTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQ TDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENl cnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENB IDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWADGSdhhuWZGc/IjoedQF9 7/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+o CgCXhVqqndwpyeI1B+twTUrWwbNWuKFBOJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40b Rr5HMNUuctHFY9rnY3lEfktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2p uTRZCr+ESv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1mo130 GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02isx7QBlrd9pPPV3WZ 9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOWOZV7bIBaTxNyxtd9KXpEulKkKtVB Rgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgezTv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pye hizKV/Ma5ciSixqClnrDvFASadgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vM BhBgu4M1t15n3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI hvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQF/xlhMcQSZDe28cmk4gmb3DW Al45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTfCVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuA L55MYIR4PSFk1vtBHxgP58l1cb29XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMo clm2q8KMZiYcdywmdjWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tM pkT/WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jbAoJnwTnb w3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksqP/ujmv5zMnHCnsZy4Ypo J/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Kob7a6bINDd82Kkhehnlt4Fj1F4jNy3eFm ypnTycUm/Q1oBEauttmbjL4ZvrHG8hnjXALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLX is7VmFxWlgPF7ncGNf/P5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7 zAYspsbiDrW5viSP -----END CERTIFICATE----- Hellenic Academic and Research Institutions RootCA 2015 ======================================================= -----BEGIN CERTIFICATE----- MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcT BkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0 aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl YXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAx MTIxWjCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNV BAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIw MTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDC+Kk/G4n8PDwEXT2QNrCROnk8Zlrv bTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+eh iGsxr/CL0BgzuNtFajT0AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+ 6PAQZe104S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06CojXd FPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV9Cz82XBST3i4vTwr i5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrDgfgXy5I2XdGj2HUb4Ysn6npIQf1F GQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2 fu/Z8VFRfS0myGlZYeCsargqNhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9mu iNX6hME6wGkoLfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVdctA4GGqd83EkVAswDQYJKoZI hvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0IXtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+ D1hYc2Ryx+hFjtyp8iY/xnmMsVMIM4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrM d/K4kPFox/la/vot9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+y d+2VZ5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/eaj8GsGsVn 82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnhX9izjFk0WaSrT2y7Hxjb davYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQl033DlZdwJVqwjbDG2jJ9SrcR5q+ss7F Jej6A7na+RZukYT1HCjI/CbM1xyQVqdfbzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVt J94Cj8rDtSvK6evIIVM4pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGa JI7ZjnHKe7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0vm9q p/UsQu0yrbYhnr68 -----END CERTIFICATE----- Hellenic Academic and Research Institutions ECC RootCA 2015 =========================================================== -----BEGIN CERTIFICATE----- MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0 aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u cyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj aCBJbnN0aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEw MzcxMlowgaoxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmlj IEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUQwQgYD VQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIEVDQyBSb290 Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKgQehLgoRc4vgxEZmGZE4JJS+dQS8KrjVP dJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJajq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoK Vlp8aQuqgAkkbH7BRqNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O BBYEFLQiC4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaeplSTA GiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7SofTUwJCA3sS61kFyjn dc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR -----END CERTIFICATE----- Certplus Root CA G1 =================== -----BEGIN CERTIFICATE----- MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUAMD4xCzAJBgNV BAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTAe Fw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhD ZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHN r49aiZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt6kuJPKNx Qv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP0FG7Yn2ksYyy/yARujVj BYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTv LRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDEEW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2 z4QTd28n6v+WZxcIbekN1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc 4nBvCGrch2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCTmehd 4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV4EJQeIQEQWGw9CEj jy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPOWftwenMGE9nTdDckQQoRb5fc5+R+ ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0G A1UdDgQWBBSowcCbkahDFXxdBie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHY lwuBsTANBgkqhkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh 66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7/SMNkPX0XtPG YX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BSS7CTKtQ+FjPlnsZlFT5kOwQ/ 2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F 6ALEUz65noe8zDUa3qHpimOHZR4RKttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilX CNQ314cnrUlZp5GrRHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWe tUNy6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEVV/xuZDDC VRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5g4VCXA9DO2pJNdWY9BW/ +mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl++O/QmueD6i9a5jc2NvLi6Td11n0bt3+ qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= -----END CERTIFICATE----- Certplus Root CA G2 =================== -----BEGIN CERTIFICATE----- MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4xCzAJBgNVBAYT AkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjAeFw0x NDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0 cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IA BM0PW1aC3/BFGtat93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uN Am8xIk0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0PAQH/BAQD AgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMB8GA1Ud IwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqGSM49BAMDA2gAMGUCMHD+sAvZ94OX7PNV HdTcswYO/jOYnYs5kGuUIe22113WTNchp+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjl vPl5adytRSv3tjFzzAalU5ORGpOucGpnutee5WEaXw== -----END CERTIFICATE----- OpenTrust Root CA G1 ==================== -----BEGIN CERTIFICATE----- MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUAMEAxCzAJBgNV BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcx MB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7fa Yp6bwiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX/uMftk87 ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR077F9jAHiOH3BX2pfJLKO YheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGPuY4zbGneWK2gDqdkVBFpRGZPTBKnjix9 xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLxp2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO 9z0M+Yo0FMT7MzUj8czxKselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq 3ywgsNw2TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+WG+Oi n6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPwvFEVVJSmdz7QdFG9 URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYYEQRVzXR7z2FwefR7LFxckvzluFqr TJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB /zAdBgNVHQ4EFgQUl0YhVyE12jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/Px N3DlCPaTKbYwDQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kfgLMtMrpkZ2Cv uVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbSFXJfLkur1J1juONI5f6ELlgK n0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLh X4SPgPL0DTatdrOjteFkdjpY3H1PXlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80 nR14SohWZ25g/4/Ii+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcm GS3tTAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L9109S5zvE/ bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/KyPu1svf0OnWZzsD2097+o 4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJAwSQiumPv+i2tCqjI40cHLI5kqiPAlxA OXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj1oxx -----END CERTIFICATE----- OpenTrust Root CA G2 ==================== -----BEGIN CERTIFICATE----- MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUAMEAxCzAJBgNV BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcy MB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+ Ntmh/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78eCbY2albz 4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/61UWY0jUJ9gNDlP7ZvyCV eYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fEFY8ElggGQgT4hNYdvJGmQr5J1WqIP7wt UdGejeBSzFfdNTVY27SPJIjki9/ca1TSgSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz 3GIZ38i1MH/1PCZ1Eb3XG7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj 3CzMpSZyYhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaHvGOz 9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4t/bQWVyJ98LVtZR0 0dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/gh7PU3+06yzbXfZqfUAkBXKJOAGT y3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB /zAdBgNVHQ4EFgQUajn6QiL35okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59 M4PLuG53hq8wDQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0nXGEL8pZ0keI mUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qTRmTFAHneIWv2V6CG1wZy7HBG S4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpTwm+bREx50B1ws9efAvSyB7DH5fitIw6mVskp EndI2S9G/Tvw/HRwkqWOOAgfZDC2t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ 6e18CL13zSdkzJTaTkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97kr gCf2o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU3jg9CcCo SmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eAiN1nE28daCSLT7d0geX0 YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14fWKGVyasvc0rQLW6aWQ9VGHgtPFGml4vm u7JwqkwR3v98KzfUetF3NI/n+UL3PIEMS1IK -----END CERTIFICATE----- OpenTrust Root CA G3 ==================== -----BEGIN CERTIFICATE----- MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAxCzAJBgNVBAYT AkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEczMB4X DTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9w ZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQA IgNiAARK7liuTcpm3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5B ta1doYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4GA1UdDwEB /wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAf BgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAKBggqhkjOPQQDAwNpADBmAjEAj6jcnboM BBf6Fek9LykBl7+BFjNAk2z8+e2AcG+qj9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta 3U1fJAuwACEl74+nBCZx4nxp5V2a+EEfOzmTk51V6s2N8fvB -----END CERTIFICATE----- ISRG Root X1 ============ -----BEGIN CERTIFICATE----- MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UE BhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQD EwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQG EwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMT DElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54r Vygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj1 3Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8K b4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCN Aymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ 4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf 1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFu hjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQH usEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/r OPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4G A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY 9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV 0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwt hDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJw TdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nx e5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZA JzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahD YVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9n JEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJ m+kXQ99b21/+jh5Xos1AnX5iItreGCc= -----END CERTIFICATE----- AC RAIZ FNMT-RCM ================ -----BEGIN CERTIFICATE----- MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNVBAYT AkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTAeFw0wODEw MjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJD TTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC ggIBALpxgHpMhm5/yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcf qQgfBBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAzWHFctPVr btQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxFtBDXaEAUwED653cXeuYL j2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z374jNUUeAlz+taibmSXaXvMiwzn15Cou 08YfxGyqxRxqAQVKL9LFwag0Jl1mpdICIfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mw WsXmo8RZZUc1g16p6DULmbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnT tOmlcYF7wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peSMKGJ 47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2ZSysV4999AeU14EC ll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMetUqIJ5G+GR4of6ygnXYMgrwTJbFaa i0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE FPd9xf3E6Jobd2Sn9R2gzL+HYJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1o dHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1RXxlDPiyN8+s D8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYMLVN0V2Ue1bLdI4E7pWYjJ2cJ j+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrT Qfv6MooqtyuGC2mDOL7Nii4LcK2NJpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW +YJF1DngoABd15jmfZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7 Ixjp6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp1txyM/1d 8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B9kiABdcPUXmsEKvU7ANm 5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wokRqEIr9baRRmW1FMdW4R58MD3R++Lj8UG rp1MYp3/RgT408m2ECVAdf4WqslKYIYvuu8wd+RU4riEmViAqhOLUTpPSPaLtrM= -----END CERTIFICATE----- Amazon Root CA 1 ================ -----BEGIN CERTIFICATE----- MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsFADA5MQswCQYD VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAxMB4XDTE1 MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALJ4gHHKeNXjca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgH FzZM9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qwIFAGbHrQ gLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6VOujw5H5SNz/0egwLX0t dHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L93FcXmn/6pUCyziKrlA4b9v7LWIbxcce VOF34GfID5yHI9Y/QCB/IIDEgEw+OyQmjgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3 DQEBCwUAA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDIU5PM CCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUsN+gDS63pYaACbvXy 8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vvo/ufQJVtMVT8QtPHRh8jrdkPSHCa 2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2 xJNDd2ZhwLnoQdeXeGADbkpyrqXRfboQnoZsG4q5WTP468SQvvG5 -----END CERTIFICATE----- Amazon Root CA 2 ================ -----BEGIN CERTIFICATE----- MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwFADA5MQswCQYD VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAyMB4XDTE1 MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC ggIBAK2Wny2cSkxKgXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4 kHbZW0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg1dKmSYXp N+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K8nu+NQWpEjTj82R0Yiw9 AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvd fLC6HM783k81ds8P+HgfajZRRidhW+mez/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAEx kv8LV/SasrlX6avvDXbR8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSS btqDT6ZjmUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz7Mt0 Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6+XUyo05f7O0oYtlN c/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI0u1ufm8/0i2BWSlmy5A5lREedCf+ 3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSw DPBMMPQFWAJI/TPlUq9LhONmUjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oA A7CXDpO8Wqj2LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY +gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kSk5Nrp+gvU5LE YFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl7uxMMne0nxrpS10gxdr9HIcW xkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygmbtmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQ gj9sAq+uEjonljYE1x2igGOpm/HlurR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbW aQbLU8uz/mtBzUF+fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoV Yh63n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE76KlXIx3 KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H9jVlpNMKVv/1F2Rs76gi JUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT4PsJYGw= -----END CERTIFICATE----- Amazon Root CA 3 ================ -----BEGIN CERTIFICATE----- MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5MQswCQYDVQQG EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAzMB4XDTE1MDUy NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZB f8ANm+gBG1bG8lKlui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjr Zt6jQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSrttvXBp43 rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkrBqWTrBqYaGFy+uGh0Psc eGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteMYyRIHN8wfdVoOw== -----END CERTIFICATE----- Amazon Root CA 4 ================ -----BEGIN CERTIFICATE----- MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5MQswCQYDVQQG EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSA0MB4XDTE1MDUy NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN /sGKe0uoe0ZLY7Bi9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri 83BkM6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV HQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WBMAoGCCqGSM49BAMDA2gA MGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlwCkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1 AE47xDqUEpHJWEadIRNyp4iciuRMStuW1KyLa2tJElMzrdfkviT8tQp21KW8EA== -----END CERTIFICATE----- LuxTrust Global Root 2 ====================== -----BEGIN CERTIFICATE----- MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQELBQAwRjELMAkG A1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNVBAMMFkx1eFRydXN0IEdsb2Jh bCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUwMzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEW MBQGA1UECgwNTHV4VHJ1c3QgUy5BLjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wm Kb3FibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTemhfY7RBi2 xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1EMShduxq3sVs35a0VkBC wGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsnXpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm 1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkm FRseTJIpgp7VkoGSQXAZ96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niF wpN6cj5mj5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4gDEa/ a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+8kPREd8vZS9kzl8U ubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2jX5t/Lax5Gw5CMZdjpPuKadUiDTSQ MC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmHhFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB /zBCBgNVHSAEOzA5MDcGByuBKwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5 Lmx1eHRydXN0Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT +Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQELBQADggIBAGoZ FO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9BzZAcg4atmpZ1gDlaCDdLnIN H2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTOjFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW 7MM3LGVYvlcAGvI1+ut7MV3CwRI9loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIu ZY+kt9J/Z93I055cqqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWA VWe+2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/JEAdemrR TxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKrezrnK+T+Tb/mjuuqlPpmt /f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQfLSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc 7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31I iyBMz2TWuJdGsE7RKlY6oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr -----END CERTIFICATE----- |
Added scriptlibs/softwareupdate/curl/bin/curl.exe.
cannot compute difference between binary files
Added scriptlibs/softwareupdate/curl/bin/libcurl.dll.
cannot compute difference between binary files
Added scriptlibs/softwareupdate/curl/docs/BINDINGS.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 | libcurl bindings ================ Creative people have written bindings or interfaces for various environments and programming languages. Using one of these allows you to take advantage of curl powers from within your favourite language or system. This is a list of all known interfaces as of this writing. The bindings listed below are not part of the curl/libcurl distribution archives, but must be downloaded and installed separately. [Ada95](http://www.almroth.com/adacurl/index.html) Written by Andreas Almroth [Basic](http://scriptbasic.com/) ScriptBasic bindings written by Peter Verhas [C++](http://curlpp.org/) Written by Jean-Philippe Barrette-LaPierre [Ch](https://chcurl.sourceforge.io/) Written by Stephen Nestinger and Jonathan Rogado Cocoa: [BBHTTP](https://github.com/brunodecarvalho/BBHTTP) written by Bruno de Carvalho [curlhandle](https://github.com/karelia/curlhandle) Written by Dan Wood [D](https://dlang.org/library/std/net/curl.html) Written by Kenneth Bogert [Dylan](https://dylanlibs.sourceforge.io/) Written by Chris Double [Eiffel](https://room.eiffel.com/library/curl) Written by Eiffel Software [Euphoria](http://rays-web.com/eulibcurl.htm) Written by Ray Smith [Falcon](http://www.falconpl.org/index.ftd?page_id=prjs&prj_id=curl) [Ferite](http://www.ferite.org/) Written by Paul Querna [Gambas](https://gambas.sourceforge.io/) [glib/GTK+](http://atterer.net/glibcurl/) Written by Richard Atterer [Guile](http://www.lonelycactus.com/guile-curl.html) Written by Michael L. Gran [Harbour](https://github.com/vszakats/harbour-core/tree/master/contrib/hbcurl) Written by Viktor Szakáts [Haskell](https://hackage.haskell.org/cgi-bin/hackage-scripts/package/curl) Written by Galois, Inc [Java](https://github.com/pjlegato/curl-java) [Julia](https://github.com/forio/Curl.jl) Written by Paul Howe [Lisp](https://common-lisp.net/project/cl-curl/) Written by Liam Healy Lua: [luacurl](http://luacurl.luaforge.net/) by Alexander Marinov, [Lua-cURL](http://luaforge.net/projects/lua-curl/) by Jürgen Hötzel [Mono](https://forge.novell.com/modules/xfmod/project/?libcurl-mono) Written by Jeffrey Phillips [.NET](https://sourceforge.net/projects/libcurl-net/) libcurl-net by Jeffrey Phillips [node.js](https://github.com/JCMais/node-libcurl) node-libcurl by Jonathan Cardoso Machado [Object-Pascal](http://www.tekool.com/opcurl) Free Pascal, Delphi and Kylix binding written by Christophe Espern. [O'Caml](https://sourceforge.net/projects/ocurl/) Written by Lars Nilsson [Pascal](http://houston.quik.com/jkp/curlpas/) Free Pascal, Delphi and Kylix binding written by Jeffrey Pohlmeyer. [Perl](https://github.com/szbalint/WWW--Curl) Maintained by Cris Bailiff and Bálint Szilakszi [PHP](https://php.net/curl) Originally written by Sterling Hughes [PostgreSQL](http://gborg.postgresql.org/project/pgcurl/projdisplay.php) Written by Gian Paolo Ciceri [Python](http://pycurl.io/) PycURL by Kjetil Jacobsen [R](https://cran.r-project.org/package=curl) [Rexx](https://rexxcurl.sourceforge.io/) Written Mark Hessling RPG, support for ILE/RPG on OS/400 is included in source distribution Ruby: [curb](http://curb.rubyforge.org/) written by Ross Bamford, [ruby-curl-multi](http://curl-multi.rubyforge.org/) written by Kristjan Petursson and Keith Rarick [Rust](https://github.com/carllerche/curl-rust) curl-rust - by Carl Lerche [Scheme](https://www.metapaper.net/lisovsky/web/curl/) Bigloo binding by Kirill Lisovsky [S-Lang](http://www.jedsoft.org/slang/modules/curl.html) by John E Davis [Smalltalk](http://www.squeaksource.com/CurlPlugin/) Written by Danil Osipchuk [SP-Forth](http://www.forth.org.ru/~ac/lib/lin/curl/) Written by ygrek [SPL](http://www.clifford.at/spl/) Written by Clifford Wolf [Tcl](http://mirror.yellow5.com/tclcurl/) Tclcurl by Andrés García [Visual Basic](https://sourceforge.net/projects/libcurl-vb/) libcurl-vb by Jeffrey Phillips [Visual Foxpro](http://www.ctl32.com.ar/libcurl.asp) by Carlos Alloatti [Q](https://q-lang.sourceforge.io/) The libcurl module is part of the default install [wxWidgets](https://wxcode.sourceforge.io/components/wxcurl/) Written by Casey O'Donnell [XBLite](http://perso.wanadoo.fr/xblite/libraries.html) Written by David Szafranski [Xojo](https://github.com/charonn0/RB-libcURL) Written by Andrew Lambert |
Added scriptlibs/softwareupdate/curl/docs/BUGS.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| BUGS 1. Bugs 1.1 There are still bugs 1.2 Where to report 1.3 What to report 1.4 libcurl problems 1.5 Who will fix the problems 1.6 How to get a stack trace 1.7 Bugs in libcurl bindings 2. Bug fixing procedure 2.1 What happens on first filing 2.2 First response 2.3 Not reproducible 2.4 Unresponsive 2.5 Lack of time/interest 2.6 KNOWN_BUGS 2.7 TODO 2.8 Closing off stalled bugs ============================================================================== 1.1 There are still bugs Curl and libcurl have grown substantially since the beginning. At the time of writing (January 2013), there are about 83,000 lines of source code, and by the time you read this it has probably grown even more. Of course there are lots of bugs left. And lots of misfeatures. To help us make curl the stable and solid product we want it to be, we need bug reports and bug fixes. 1.2 Where to report If you can't fix a bug yourself and submit a fix for it, try to report an as detailed report as possible to a curl mailing list to allow one of us to have a go at a solution. You can optionally also post your bug/problem at curl's bug tracking system over at https://github.com/curl/curl/issues Please read the rest of this document below first before doing that! If you feel you need to ask around first, find a suitable mailing list and post there. The lists are available on https://curl.haxx.se/mail/ 1.3 What to report When reporting a bug, you should include all information that will help us understand what's wrong, what you expected to happen and how to repeat the bad behavior. You therefore need to tell us: - your operating system's name and version number - what version of curl you're using (curl -V is fine) - versions of the used libraries that libcurl is built to use - what URL you were working with (if possible), at least which protocol and anything and everything else you think matters. Tell us what you expected to happen, tell use what did happen, tell us how you could make it work another way. Dig around, try out, test. Then include all the tiny bits and pieces in your report. You will benefit from this yourself, as it will enable us to help you quicker and more accurately. Since curl deals with networks, it often helps us if you include a protocol debug dump with your bug report. The output you get by using the -v or --trace options. If curl crashed, causing a core dump (in unix), there is hardly any use to send that huge file to anyone of us. Unless we have an exact same system setup as you, we can't do much with it. Instead we ask you to get a stack trace and send that (much smaller) output to us instead! The address and how to subscribe to the mailing lists are detailed in the MANUAL file. 1.4 libcurl problems When you've written your own application with libcurl to perform transfers, it is even more important to be specific and detailed when reporting bugs. Tell us the libcurl version and your operating system. Tell us the name and version of all relevant sub-components like for example the SSL library you're using and what name resolving your libcurl uses. If you use SFTP or SCP, the libssh2 version is relevant etc. Showing us a real source code example repeating your problem is the best way to get our attention and it will greatly increase our chances to understand your problem and to work on a fix (if we agree it truly is a problem). Lots of problems that appear to be libcurl problems are actually just abuses of the libcurl API or other malfunctions in your applications. It is advised that you run your problematic program using a memory debug tool like valgrind or similar before you post memory-related or "crashing" problems to us. 1.5 Who will fix the problems If the problems or bugs you describe are considered to be bugs, we want to have the problems fixed. There are no developers in the curl project that are paid to work on bugs. All developers that take on reported bugs do this on a voluntary basis. We do it out of an ambition to keep curl and libcurl excellent products and out of pride. But please do not assume that you can just lump over something to us and it will then magically be fixed after some given time. Most often we need feedback and help to understand what you've experienced and how to repeat a problem. Then we may only be able to assist YOU to debug the problem and to track down the proper fix. We get reports from many people every month and each report can take a considerable amount of time to really go to the bottom with. 1.6 How to get a stack trace First, you must make sure that you compile all sources with -g and that you don't 'strip' the final executable. Try to avoid optimizing the code as well, remove -O, -O2 etc from the compiler options. Run the program until it cores. Run your debugger on the core file, like '<debugger> curl core'. <debugger> should be replaced with the name of your debugger, in most cases that will be 'gdb', but 'dbx' and others also occur. When the debugger has finished loading the core file and presents you a prompt, enter 'where' (without the quotes) and press return. The list that is presented is the stack trace. If everything worked, it is supposed to contain the chain of functions that were called when curl crashed. Include the stack trace with your detailed bug report. It'll help a lot. 1.7 Bugs in libcurl bindings There will of course pop up bugs in libcurl bindings. You should then primarily approach the team that works on that particular binding and see what you can do to help them fix the problem. If you suspect that the problem exists in the underlying libcurl, then please convert your program over to plain C and follow the steps outlined above. 2. Bug fixing procedure 2.1 What happens on first filing When a new issue is posted in the issue tracker or on the mailing list, the team of developers first need to see the report. Maybe they took the day off, maybe they're off in the woods hunting. Have patience. Allow at least a few days before expecting someone to have responded. In the issue tracker you can expect that some labels will be set on the issue to help categorize it. 2.2 First response If your issue/bug report wasn't perfect at once (and few are), chances are that someone will ask follow-up questions. Which version did you use? Which options did you use? How often does the problem occur? How can we reproduce this problem? Which protocols does it involve? Or perhaps much more specific and deep diving questions. It all depends on your specific issue. You should then respond to these follow-up questions and provide more info about the problem, so that we can help you figure it out. Or maybe you can help us figure it out. An active back-and-forth communication is important and the key for finding a cure and landing a fix. 2.3 Not reproducible For problems that we can't reproduce and can't understand even after having gotten all the info we need and having studied the source code over again, are really hard to solve so then we may require further work from you who actually see or experience the problem. 2.4 Unresponsive If the problem haven't been understood or reproduced, and there's nobody responding to follow-up questions or questions asking for clarifications or for discussing possible ways to move forward with the task, we take that as a strong suggestion that the bug is not important. Unimportant issues will be closed as inactive sooner or later as they can't be fixed. The inactivity period (waiting for responses) should not be shorter than two weeks but may extend months. 2.5 Lack of time/interest Bugs that are filed and are understood can unfortunately end up in the "nobody cares enough about it to work on it" category. Such bugs are perfectly valid problems that *should* get fixed but apparently aren't. We try to mark such bugs as "KNOWN_BUGS material" after a time of inactivity and if no activity is noticed after yet some time those bugs are added to KNOWN_BUGS and are closed in the issue tracker. 2.6 KNOWN_BUGS This is a list of known bugs. Bugs we know exist and that have been pointed out but that haven't yet been fixed. The reasons for why they haven't been fixed can involve anything really, but the primary reason is that nobody has considered these problems to be important enough to spend the necesary time and effort to have them fixed. The KNOWN_BUGS are always up for grabs and we will always love the ones who bring one of them back to live and offers solutions to them. The KNOWN_BUGS document has a sibling document known as TODO. 2.7 TODO Issues that are filed or reported that aren't really bugs but more missing features or ideas for future improvements and so on are marked as 'enhancement' or 'feature-request' and will be added to the TODO document instead and the issue is closed. We don't keep TODO items in the issue tracker. The TODO document is full of ideas and suggestions of what we can add or fix one day. You're always encouraged and free to grab one of those items and take up a discussion with the curl development team on how that could be implemented or provided in the project so that you can work on ticking it odd that document. If the issue is rather a bug and not a missing feature or functionality, it is listed in KNOWN_BUGS instead. 2.8 Closing off stalled bugs The issue and pull request trackers on https://github.com/curl/curl will only hold "active" entries (using a non-precise defintion of what active actually is, but they're at least not completely dead). Those that are abandonded or in other ways dormant will be closed and sometimes added to TODO and KNOWN_BUGS instead. This way, we only have "active" issues open on github. Irrelevant issues and pull requests will not distract developes or casual visitors. |
Added scriptlibs/softwareupdate/curl/docs/CHECKSRC.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 | # checksrc This is the tool we use within the curl project to scan C source code and check that it adheres to our [Source Code Style guide](CODE_STYLE.md). ## Usage checksrc.pl [options] [file1] [file2] ... ## Command line options `-W[file]` whitelists that file and excludes it from being checked. Helpful when, for example, one of the files is generated. `-D[dir]` directory name to prepend to file names when accessing them. `-h` shows the help output, that also lists all recognized warnings ## What does checksrc warn for? checksrc does not check and verify the code against the entire style guide, but the script is instead an effort to detect the most common mistakes and syntax mistakes that contributors make before they get accustomed to our code style. Heck, many of us regulars do the mistakes too and this script helps us keep the code in shape. checksrc.pl -h Lists how to use the script and it lists all existing warnings it has and problems it detects. At the time of this writing, the existing checksrc warnings are: - `BADCOMMAND`: There's a bad !checksrc! instruction in the code. See the **Ignore certain warnings** section below for details. - `BANNEDFUNC`: A banned function was used. The functions sprintf, vsprintf, strcat, strncat, gets are **never** allowed in curl source code. - `BRACEELSE`: '} else' on the same line. The else is supposed to be on the following line. - `BRACEPOS`: wrong position for an open brace (`{`). - `COMMANOSPACE`: a comma without following space - `COPYRIGHT`: the file is missing a copyright statement! - `CPPCOMMENTS`: `//` comment detected, that's not C89 compliant - `FOPENMODE`: `fopen()` needs a macro for the mode string, use it - `INDENTATION`: detected a wrong start column for code. Note that this warning only checks some specific places and will certainly miss many bad indentations. - `LONGLINE`: A line is longer than 79 columns. - `PARENBRACE`: `){` was used without sufficient space in between. - `RETURNNOSPACE`: `return` was used without space between the keyword and the following value. - `SPACEAFTERPAREN`: there was a space after open parenthesis, `( text`. - `SPACEBEFORECLOSE`: there was a space before a close parenthesis, `text )`. - `SPACEBEFORECOMMA`: there was a space before a comma, `one , two`. - `SPACEBEFOREPAREN`: there was a space before an open parenthesis, `if (`, where one was not expected - `SPACESEMILCOLON`: there was a space before semicolon, ` ;`. - `TABS`: TAB characters are not allowed! - `TRAILINGSPACE`: Trailing white space on the line - `UNUSEDIGNORE`: a checksrc inlined warning ignore was asked for but not used, that's an ignore that should be removed or changed to get used. ## Ignore certain warnings Due to the nature of the source code and the flaws of the checksrc tool, there is sometimes a need to ignore specific warnings. checksrc allows a few different ways to do this. ### Inline ignore You can control what to ignore within a specific source file by providing instructions to checksrc in the source code itself. You need a magic marker that is `!checksrc!` followed by the instruction. The instruction can ask to ignore a specific warning N number of times or you ignore all of them until you mark the end of the ignored section. Inline ignores are only done for that single specific source code file. Example /* !checksrc! disable LONGLINE all */ This will ignore the warning for overly long lines until it is re-enabled with: /* !checksrc! enable LONGLINE */ If the enabling isn't performed before the end of the file, it will be enabled automatically for the next file. You can also opt to ignore just N violations so that if you have a single long line you just can't shorten and is agreed to be fine anyway: /* !checksrc! disable LONGLINE 1 */ ... and the warning for long lines will be enabled again automatically after it has ignored that single warning. The number `1` can of course be changed to any other integer number. It can be used to make sure only the exact intended instances are ignored and nothing extra. ### Directory wide ignore patterns This is a method we've transitioned away from. Use inline ignores as far as possible. Make a `checksrc.whitelist` file in the directory of the source code with the false positive, and include the full offending line into this file. |
Added scriptlibs/softwareupdate/curl/docs/CODE_OF_CONDUCT.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | Contributor Code of Conduct =========================== As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities. We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, or religion. Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct. Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team. This code of conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an issue or contacting one or more of the project maintainers. This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.1.0, available at [http://contributor-covenant.org/version/1/1/0/](http://contributor-covenant.org/version/1/1/0/) |
Added scriptlibs/softwareupdate/curl/docs/CODE_STYLE.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 | # curl C code style Source code that has a common style is easier to read than code that uses different styles in different places. It helps making the code feel like one single code base. Easy-to-read is a very important property of code and helps making it easier to review when new things are added and it helps debugging code when developers are trying to figure out why things go wrong. A unified style is more important than individual contributors having their own personal tastes satisfied. Our C code has a few style rules. Most of them are verified and upheld by the `lib/checksrc.pl` script. Invoked with `make checksrc` or even by default by the build system when built after `./configure --enable-debug` has been used. It is normally not a problem for anyone to follow the guidelines, as you just need to copy the style already used in the source code and there are no particularly unusual rules in our set of rules. We also work hard on writing code that are warning-free on all the major platforms and in general on as many platforms as possible. Code that obviously will cause warnings will not be accepted as-is. ## Naming Try using a non-confusing naming scheme for your new functions and variable names. It doesn't necessarily have to mean that you should use the same as in other places of the code, just that the names should be logical, understandable and be named according to what they're used for. File-local functions should be made static. We like lower case names. See the [INTERNALS](INTERNALS.md) document on how we name non-exported library-global symbols. ## Indenting We use only spaces for indentation, never TABs. We use two spaces for each new open brace. if(something_is_true) { while(second_statement == fine) { moo(); } } ## Comments Since we write C89 code, `//` comments are not allowed. They weren't introduced in the C standard until C99. We use only `/*` and `*/` comments: /* this is a comment */ ## Long lines Source code in curl may never be wider than 79 columns and there are two reasons for maintaining this even in the modern era of very large and high resolution screens: 1. Narrower columns are easier to read than very wide ones. There's a reason newspapers have used columns for decades or centuries. 2. Narrower columns allow developers to easier show multiple pieces of code next to each other in different windows. I often have two or three source code windows next to each other on the same screen - as well as multiple terminal and debugging windows. ## Braces In if/while/do/for expressions, we write the open brace on the same line as the keyword and we then set the closing brace on the same indentation level as the initial keyword. Like this: if(age < 40) { /* clearly a youngster */ } You may omit the braces if they would contain only a one-line statement: if(!x) continue; For functions the opening brace should be on a separate line: int main(int argc, char **argv) { return 1; } ## 'else' on the following line When adding an `else` clause to a conditional expression using braces, we add it on a new line after the closing brace. Like this: if(age < 40) { /* clearly a youngster */ } else { /* probably grumpy */ } ## No space before parentheses When writing expressions using if/while/do/for, there shall be no space between the keyword and the open parenthesis. Like this: while(1) { /* loop forever */ } ## Use boolean conditions Rather than test a conditional value such as a bool against TRUE or FALSE, a pointer against NULL or != NULL and an int against zero or not zero in if/while conditions we prefer: result = do_something(); if(!result) { /* something went wrong */ return result; } ## No assignments in conditions To increase readability and reduce complexity of conditionals, we avoid assigning variables within if/while conditions. We frown upon this style: if((ptr = malloc(100)) == NULL) return NULL; and instead we encourage the above version to be spelled out more clearly: ptr = malloc(100); if(!ptr) return NULL; ## New block on a new line We never write multiple statements on the same source line, even for very short if() conditions. if(a) return TRUE; else if(b) return FALSE; and NEVER: if(a) return TRUE; else if(b) return FALSE; ## Space around operators Please use spaces on both sides of operators in C expressions. Postfix `(), [], ->, ., ++, --` and Unary `+, - !, ~, &` operators excluded they should have no space. Examples: bla = func(); who = name[0]; age += 1; true = !false; size += -2 + 3 * (a + b); ptr->member = a++; struct.field = b--; ptr = &address; contents = *pointer; complement = ~bits; empty = (!*string) ? TRUE : FALSE; ## Column alignment Some statements cannot be completed on a single line because the line would be too long, the statement too hard to read, or due to other style guidelines above. In such a case the statement will span multiple lines. If a continuation line is part of an expression or sub-expression then you should align on the appropriate column so that it's easy to tell what part of the statement it is. Operators should not start continuation lines. In other cases follow the 2-space indent guideline. Here are some examples from libcurl: ~~~c if(Curl_pipeline_wanted(handle->multi, CURLPIPE_HTTP1) && (handle->set.httpversion != CURL_HTTP_VERSION_1_0) && (handle->set.httpreq == HTTPREQ_GET || handle->set.httpreq == HTTPREQ_HEAD)) /* didn't ask for HTTP/1.0 and a GET or HEAD */ return TRUE; ~~~ ~~~c case CURLOPT_KEEP_SENDING_ON_ERROR: data->set.http_keep_sending_on_error = (0 != va_arg(param, long)) ? TRUE : FALSE; break; ~~~ ~~~c data->set.http_disable_hostname_check_before_authentication = (0 != va_arg(param, long)) ? TRUE : FALSE; ~~~ ~~~c if(option) { result = parse_login_details(option, strlen(option), (userp ? &user : NULL), (passwdp ? &passwd : NULL), NULL); } ~~~ ~~~c DEBUGF(infof(data, "Curl_pp_readresp_ %d bytes of trailing " "server response left\n", (int)clipamount)); ~~~ ## Platform dependent code Use `#ifdef HAVE_FEATURE` to do conditional code. We avoid checking for particular operating systems or hardware in the #ifdef lines. The HAVE_FEATURE shall be generated by the configure script for unix-like systems and they are hard-coded in the config-[system].h files for the others. We also encourage use of macros/functions that possibly are empty or defined to constants when libcurl is built without that feature, to make the code seamless. Like this style where the `magic()` function works differently depending on a build-time conditional: #ifdef HAVE_MAGIC void magic(int a) { return a + 2; } #else #define magic(x) 1 #endif int content = magic(3); |
Added scriptlibs/softwareupdate/curl/docs/CONTRIBUTE.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 | # Contributing to the curl project This document is intended to offer guidelines on how to best contribute to the curl project. This concerns new features as well as corrections to existing flaws or bugs. ## Learning curl ### Join the Community Skip over to [https://curl.haxx.se/mail/](https://curl.haxx.se/mail/) and join the appropriate mailing list(s). Read up on details before you post questions. Read this file before you start sending patches! We prefer questions sent to and discussions being held on the mailing list(s), not sent to individuals. Before posting to one of the curl mailing lists, please read up on the [mailing list etiquette](https://curl.haxx.se/mail/etiquette.html). We also hang out on IRC in #curl on irc.freenode.net If you're at all interested in the code side of things, consider clicking 'watch' on the [curl repo on github](https://github.com/curl/curl) to get notified on pull requests and new issues posted there. ### License and copyright When contributing with code, you agree to put your changes and new code under the same license curl and libcurl is already using unless stated and agreed otherwise. If you add a larger piece of code, you can opt to make that file or set of files to use a different license as long as they don't enforce any changes to the rest of the package and they make sense. Such "separate parts" can not be GPL licensed (as we don't want copyleft to affect users of libcurl) but they must use "GPL compatible" licenses (as we want to allow users to use libcurl properly in GPL licensed environments). When changing existing source code, you do not alter the copyright of the original file(s). The copyright will still be owned by the original creator(s) or those who have been assigned copyright by the original author(s). By submitting a patch to the curl project, you are assumed to have the right to the code and to be allowed by your employer or whatever to hand over that patch/code to us. We will credit you for your changes as far as possible, to give credit but also to keep a trace back to who made what changes. Please always provide us with your full real name when contributing! ### What To Read Source code, the man pages, the [INTERNALS document](https://curl.haxx.se/dev/internals.html), [TODO](https://curl.haxx.se/docs/todo.html), [KNOWN_BUGS](https://curl.haxx.se/docs/knownbugs.html) and the [most recent changes](https://curl.haxx.se/dev/sourceactivity.html) in git. Just lurking on the [curl-library mailing list](https://curl.haxx.se/mail/list.cgi?list=curl-library) will give you a lot of insights on what's going on right now. Asking there is a good idea too. ## Write a good patch ### Follow code style When writing C code, follow the [CODE_STYLE](https://curl.haxx.se/dev/code-style.html) already established in the project. Consistent style makes code easier to read and mistakes less likely to happen. Run `make checksrc` before you submit anything, to make sure you follow the basic style. That script doesn't verify everything, but if it complains you know you have work to do. ### Non-clobbering All Over When you write new functionality or fix bugs, it is important that you don't fiddle all over the source files and functions. Remember that it is likely that other people have done changes in the same source files as you have and possibly even in the same functions. If you bring completely new functionality, try writing it in a new source file. If you fix bugs, try to fix one bug at a time and send them as separate patches. ### Write Separate Changes It is annoying when you get a huge patch from someone that is said to fix 511 odd problems, but discussions and opinions don't agree with 510 of them - or 509 of them were already fixed in a different way. Then the person merging this change needs to extract the single interesting patch from somewhere within the huge pile of source, and that creates a lot of extra work. Preferably, each fix that corrects a problem should be in its own patch/commit with its own description/commit message stating exactly what they correct so that all changes can be selectively applied by the maintainer or other interested parties. Also, separate changes enable bisecting much better for tracking problems and regression in the future. ### Patch Against Recent Sources Please try to get the latest available sources to make your patches against. It makes the lives of the developers so much easier. The very best is if you get the most up-to-date sources from the git repository, but the latest release archive is quite OK as well! ### Documentation Writing docs is dead boring and one of the big problems with many open source projects. But someone's gotta do it! It makes things a lot easier if you submit a small description of your fix or your new features with every contribution so that it can be swiftly added to the package documentation. The documentation is always made in man pages (nroff formatted) or plain ASCII files. All HTML files on the web site and in the release archives are generated from the nroff/ASCII versions. ### Test Cases Since the introduction of the test suite, we can quickly verify that the main features are working as they're supposed to. To maintain this situation and improve it, all new features and functions that are added need to be tested in the test suite. Every feature that is added should get at least one valid test case that verifies that it works as documented. If every submitter also posts a few test cases, it won't end up as a heavy burden on a single person! If you don't have test cases or perhaps you have done something that is very hard to write tests for, do explain exactly how you have otherwise tested and verified your changes. ## Sharing Your Changes ### How to get your changes into the main sources Ideally you file a [pull request on github](https://github.com/curl/curl/pulls), but you can also send your plain patch to [the curl-library mailing list](https://curl.haxx.se/mail/list.cgi?list=curl-library). Either way, your change will be reviewed and discussed there and you will be expected to correct flaws pointed out and update accordingly, or the change risks stalling and eventually just getting deleted without action. As a submitter of a change, you are the owner of that change until it has been merged. Respond on the list or on github about the change and answer questions and/or fix nits/flaws. This is very important. We will take lack of replies as a sign that you're not very anxious to get your patch accepted and we tend to simply drop such changes. ### About pull requests With github it is easy to send a [pull request](https://github.com/curl/curl/pulls) to the curl project to have changes merged. We prefer pull requests to mailed patches, as it makes it a proper git commit that is easy to merge and they are easy to track and not that easy to loose in the flood of many emails, like they sometimes do on the mailing lists. When you adjust your pull requests after review, consider squashing the commits so that we can review the full updated version more easily. ### Making quality patches Make the patch against as recent source versions as possible. If you've followed the tips in this document and your patch still hasn't been incorporated or responded to after some weeks, consider resubmitting it to the list or better yet: change it to a pull request. ### Write good commit messages A short guide to how to write commit messages in the curl project. ---- start ---- [area]: [short line describing the main effect] -- empty line -- [full description, no wider than 72 columns that describe as much as possible as to why this change is made, and possibly what things it fixes and everything else that is related] -- empty line -- [Bug: URL to source of the report or more related discussion] [Reported-by: John Doe - credit the reporter] [whatever-else-by: credit all helpers, finders, doers] ---- stop ---- Don't forget to use commit --author="" if you commit someone else's work, and make sure that you have your own user and email setup correctly in git before you commit ### Write Access to git Repository If you are a very frequent contributor, you may be given push access to the git repository and then you'll be able to push your changes straight into the git repo instead of sending changes as pull requests or by mail as patches. Just ask if this is what you'd want. You will be required to have posted several high quality patches first, before you can be granted push access. ### How To Make a Patch with git You need to first checkout the repository: git clone https://github.com/curl/curl.git You then proceed and edit all the files you like and you commit them to your local repository: git commit [file] As usual, group your commits so that you commit all changes at once that constitute a logical change. Once you have done all your commits and you're happy with what you see, you can make patches out of your changes that are suitable for mailing: git format-patch remotes/origin/master This creates files in your local directory named NNNN-[name].patch for each commit. Now send those patches off to the curl-library list. You can of course opt to do that with the 'git send-email' command. ### How To Make a Patch without git Keep a copy of the unmodified curl sources. Make your changes in a separate source tree. When you think you have something that you want to offer the curl community, use GNU diff to generate patches. If you have modified a single file, try something like: diff -u unmodified-file.c my-changed-one.c > my-fixes.diff If you have modified several files, possibly in different directories, you can use diff recursively: diff -ur curl-original-dir curl-modified-sources-dir > my-fixes.diff The GNU diff and GNU patch tools exist for virtually all platforms, including all kinds of Unixes and Windows: For unix-like operating systems: - [https://savannah.gnu.org/projects/patch/](https://savannah.gnu.org/projects/patch/) - [https://www.gnu.org/software/diffutils/](https://www.gnu.org/software/diffutils/) For Windows: - [https://gnuwin32.sourceforge.io/packages/patch.htm](https://gnuwin32.sourceforge.io/packages/patch.htm) - [https://gnuwin32.sourceforge.io/packages/diffutils.htm](https://gnuwin32.sourceforge.io/packages/diffutils.htm) |
Added scriptlibs/softwareupdate/curl/docs/FAQ.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| FAQ 1. Philosophy 1.1 What is cURL? 1.2 What is libcurl? 1.3 What is curl not? 1.4 When will you make curl do XXXX ? 1.5 Who makes curl? 1.6 What do you get for making curl? 1.7 What about CURL from curl.com? 1.8 I have a problem who do I mail? 1.9 Where do I buy commercial support for curl? 1.10 How many are using curl? 1.11 Why don't you update ca-bundle.crt 1.12 I have a problem who can I chat with? 1.13 curl's ECCN number? 1.14 How do I submit my patch? 1.15 How do I port libcurl to my OS? 2. Install Related Problems 2.1 configure doesn't find OpenSSL even when it is installed 2.1.1 native linker doesn't find OpenSSL 2.1.2 only the libssl lib is missing 2.2 Does curl work/build with other SSL libraries? 2.3 Where can I find a copy of LIBEAY32.DLL? 2.4 Does curl support SOCKS (RFC 1928) ? 2.5 Install libcurl for both 32bit and 64bit? 3. Usage Problems 3.1 curl: (1) SSL is disabled, https: not supported 3.2 How do I tell curl to resume a transfer? 3.3 Why doesn't my posting using -F work? 3.4 How do I tell curl to run custom FTP commands? 3.5 How can I disable the Accept: */* header? 3.6 Does curl support ASP, XML, XHTML or HTML version Y? 3.7 Can I use curl to delete/rename a file through FTP? 3.8 How do I tell curl to follow HTTP redirects? 3.9 How do I use curl in my favorite programming language? 3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP? 3.11 How do I POST with a different Content-Type? 3.12 Why do FTP specific features over HTTP proxy fail? 3.13 Why does my single/double quotes fail? 3.14 Does curl support Javascript or PAC (automated proxy config)? 3.15 Can I do recursive fetches with curl? 3.16 What certificates do I need when I use SSL? 3.17 How do I list the root dir of an FTP server? 3.18 Can I use curl to send a POST/PUT and not wait for a response? 3.19 How do I get HTTP from a host using a specific IP address? 3.20 How to SFTP from my user's home directory? 3.21 Protocol xxx not supported or disabled in libcurl 3.22 curl -X gives me HTTP problems 4. Running Problems 4.1 Problems connecting to SSL servers. 4.2 Why do I get problems when I use & or % in the URL? 4.3 How can I use {, }, [ or ] to specify multiple URLs? 4.4 Why do I get downloaded data even though the web page doesn't exist? 4.5 Why do I get return code XXX from a HTTP server? 4.5.1 "400 Bad Request" 4.5.2 "401 Unauthorized" 4.5.3 "403 Forbidden" 4.5.4 "404 Not Found" 4.5.5 "405 Method Not Allowed" 4.5.6 "301 Moved Permanently" 4.6 Can you tell me what error code 142 means? 4.7 How do I keep user names and passwords secret in Curl command lines? 4.8 I found a bug! 4.9 Curl can't authenticate to the server that requires NTLM? 4.10 My HTTP request using HEAD, PUT or DELETE doesn't work! 4.11 Why does my HTTP range requests return the full document? 4.12 Why do I get "certificate verify failed" ? 4.13 Why is curl -R on Windows one hour off? 4.14 Redirects work in browser but not with curl! 4.15 FTPS doesn't work 4.16 My HTTP POST or PUT requests are slow! 4.17 Non-functional connect timeouts on Windows 4.18 file:// URLs containing drive letters (Windows, NetWare) 4.19 Why doesn't curl return an error when the network cable is unplugged? 4.20 curl doesn't return error for HTTP non-200 responses! 4.21 Why is there a HTTP/1.1 in my HTTP/2 request? 5. libcurl Issues 5.1 Is libcurl thread-safe? 5.2 How can I receive all data into a large memory chunk? 5.3 How do I fetch multiple files with libcurl? 5.4 Does libcurl do Winsock initing on win32 systems? 5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on win32 ? 5.6 What about Keep-Alive or persistent connections? 5.7 Link errors when building libcurl on Windows! 5.8 libcurl.so.X: open failed: No such file or directory 5.9 How does libcurl resolve host names? 5.10 How do I prevent libcurl from writing the response to stdout? 5.11 How do I make libcurl not receive the whole HTTP response? 5.12 Can I make libcurl fake or hide my real IP address? 5.13 How do I stop an ongoing transfer? 5.14 Using C++ non-static functions for callbacks? 5.15 How do I get an FTP directory listing? 5.16 I want a different time-out! 5.17 Can I write a server with libcurl? 5.18 Does libcurl use threads? 6. License Issues 6.1 I have a GPL program, can I use the libcurl library? 6.2 I have a closed-source program, can I use the libcurl library? 6.3 I have a BSD licensed program, can I use the libcurl library? 6.4 I have a program that uses LGPL libraries, can I use libcurl? 6.5 Can I modify curl/libcurl for my program and keep the changes secret? 6.6 Can you please change the curl/libcurl license to XXXX? 6.7 What are my obligations when using libcurl in my commercial apps? 7. PHP/CURL Issues 7.1 What is PHP/CURL? 7.2 Who wrote PHP/CURL? 7.3 Can I perform multiple requests using the same handle? ============================================================================== 1. Philosophy 1.1 What is cURL? cURL is the name of the project. The name is a play on 'Client for URLs', originally with URL spelled in uppercase to make it obvious it deals with URLs. The fact it can also be pronounced 'see URL' also helped, it works as an abbreviation for "Client URL Request Library" or why not the recursive version: "Curl URL Request Library". The cURL project produces two products: libcurl A free and easy-to-use client-side URL transfer library, supporting DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP. libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password authentication, file transfer resume, http proxy tunneling and more! libcurl is highly portable, it builds and works identically on numerous platforms, including Solaris, NetBSD, FreeBSD, OpenBSD, Darwin, HP-UX, IRIX, AIX, Tru64, Linux, UnixWare, HURD, Windows, Amiga, OS/2, BeOS, Mac OS X, Ultrix, QNX, OpenVMS, RISC OS, Novell NetWare, DOS, Symbian, OSF, Android, Minix, IBM TPF and more... libcurl is free, thread-safe, IPv6 compatible, feature rich, well supported and fast. curl A command line tool for getting or sending files using URL syntax. Since curl uses libcurl, curl supports the same wide range of common Internet protocols that libcurl does. We pronounce curl with an initial k sound. It rhymes with words like girl and earl. This is a short WAV file to help you: http://media.merriam-webster.com/soundc11/c/curl0001.wav There are numerous sub-projects and related projects that also use the word curl in the project names in various combinations, but you should take notice that this FAQ is directed at the command-line tool named curl (and libcurl the library), and may therefore not be valid for other curl-related projects. (There is however a small section for the PHP/CURL in this FAQ.) 1.2 What is libcurl? libcurl is a reliable and portable library which provides you with an easy interface to a range of common Internet protocols. You can use libcurl for free in your application, be it open source, commercial or closed-source. libcurl is most probably the most portable, most powerful and most often used C-based multi-platform file transfer library on this planet - be it open source or commercial. 1.3 What is curl not? Curl is not a wget clone. That is a common misconception. Never, during curl's development, have we intended curl to replace wget or compete on its market. Curl is targeted at single-shot file transfers. Curl is not a web site mirroring program. If you want to use curl to mirror something: fine, go ahead and write a script that wraps around curl to make it reality (like curlmirror.pl does). Curl is not an FTP site mirroring program. Sure, get and send FTP with curl but if you want systematic and sequential behavior you should write a script (or write a new program that interfaces libcurl) and do it. Curl is not a PHP tool, even though it works perfectly well when used from or with PHP (when using the PHP/CURL module). Curl is not a program for a single operating system. Curl exists, compiles, builds and runs under a wide range of operating systems, including all modern Unixes (and a bunch of older ones too), Windows, Amiga, BeOS, OS/2, OS X, QNX etc. 1.4 When will you make curl do XXXX ? We love suggestions of what to change in order to make curl and libcurl better. We do however believe in a few rules when it comes to the future of curl: Curl -- the command line tool -- is to remain a non-graphical command line tool. If you want GUIs or fancy scripting capabilities, you should look for another tool that uses libcurl. We do not add things to curl that other small and available tools already do very well at the side. Curl's output can be piped into another program or redirected to another file for the next program to interpret. We focus on protocol related issues and improvements. If you wanna do more magic with the supported protocols than curl currently does, chances are good we will agree. If you wanna add more protocols, we may very well agree. If you want someone else to do all the work while you wait for us to implement it for you, that is not a very friendly attitude. We spend a considerable time already on maintaining and developing curl. In order to get more out of us, you should consider trading in some of your time and effort in return. Simply go to the GitHub repo which resides at https://github.com/curl/curl, fork the project, and create pull requests with your proposed changes. If you write the code, chances are better that it will get into curl faster. 1.5 Who makes curl? curl and libcurl are not made by any single individual. Daniel Stenberg is project leader and main developer, but other persons' submissions are important and crucial. Anyone can contribute and post their changes and improvements and have them inserted in the main sources (of course on the condition that developers agree that the fixes are good). The full list of all contributors is found in the docs/THANKS file. curl is developed by a community, with Daniel at the wheel. 1.6 What do you get for making curl? Project cURL is entirely free and open. No person gets paid for developing curl full time. We do this voluntarily, mostly in our spare time. Occasionally companies pay individual developers to work on curl, but that's up to each company and developer. This is not controlled by nor supervised in any way by the project. We still get help from companies. Haxx provides web site, bandwidth, mailing lists etc, sourceforge.net hosts project services we take advantage from, like the bug tracker, and GitHub hosts the primary git repository at https://github.com/curl/curl. Also again, some companies have sponsored certain parts of the development in the past and I hope some will continue to do so in the future. If you want to support our project, consider a donation or a banner-program or even better: by helping us with coding, documenting or testing etc. 1.7 What about CURL from curl.com? During the summer of 2001, curl.com was busy advertising their client-side programming language for the web, named CURL. We are in no way associated with curl.com or their CURL programming language. Our project name curl has been in effective use since 1998. We were not the first computer related project to use the name "curl" and do not claim any rights to the name. We recognize that we will be living in parallel with curl.com and wish them every success. 1.8 I have a problem whom do I mail? Please do not mail any single individual unless you really need to. Keep curl-related questions on a suitable mailing list. All available mailing lists are listed in the MANUAL document and online at https://curl.haxx.se/mail/ Keeping curl-related questions and discussions on mailing lists allows others to join in and help, to share their ideas, to contribute their suggestions and to spread their wisdom. Keeping discussions on public mailing lists also allows for others to learn from this (both current and future users thanks to the web based archives of the mailing lists), thus saving us from having to repeat ourselves even more. Thanks for respecting this. If you have found or simply suspect a security problem in curl or libcurl, mail curl-security at haxx.se (closed list of receivers, mails are not disclosed) and tell. Then we can produce a fix in a timely manner before the flaw is announced to the world, thus lessen the impact the problem will have on existing users. 1.9 Where do I buy commercial support for curl? curl is fully open source. It means you can hire any skilled engineer to fix your curl-related problems. We list available alternatives on the curl web site: https://curl.haxx.se/support.html 1.10 How many are using curl? It is impossible to tell. We don't know how many users that knowingly have installed and use curl. We don't know how many users that use curl without knowing that they are in fact using it. We don't know how many users that downloaded or installed curl and then never use it. In May 2012 Daniel did a counting game and came up with a number that may be completely wrong or somewhat accurate. Over 500 million! See https://daniel.haxx.se/blog/2012/05/16/300m-users/ 1.11 Why don't you update ca-bundle.crt The ca cert bundle that used to be shipped with curl was very outdated and must be replaced with an up-to-date version by anyone who wants to verify peers. It is no longer provided by curl. The last curl release that ever shipped a ca cert bundle was curl 7.18.0. In the cURL project we've decided not to attempt to keep this file updated (or even present anymore) since deciding what to add to a ca cert bundle is an undertaking we've not been ready to accept, and the one we can get from Mozilla is perfectly fine so there's no need to duplicate that work. Today, with many services performed over HTTPS, every operating system should come with a default ca cert bundle that can be deemed somewhat trustworthy and that collection (if reasonably updated) should be deemed to be a lot better than a private curl version. If you want the most recent collection of ca certs that Mozilla Firefox uses, we recommend that you extract the collection yourself from Mozilla Firefox (by running 'make ca-bundle), or by using our online service setup for this purpose: https://curl.haxx.se/docs/caextract.html 1.12 I have a problem who can I chat with? There's a bunch of friendly people hanging out in the #curl channel on the IRC network irc.freenode.net. If you're polite and nice, chances are good that you can get -- or provide -- help instantly. 1.13 curl's ECCN number? The US government restricts exports of software that contains or uses cryptography. When doing so, the Export Control Classification Number (ECCN) is used to identify the level of export control etc. Apache Software Foundation gives a good explanation of ECCNs at https://www.apache.org/dev/crypto.html We believe curl's number might be ECCN 5D002, another possibility is 5D992. It seems necessary to write them (the authority that administers ECCN numbers), asking to confirm. Comprehensible explanations of the meaning of such numbers and how to obtain them (resp.) are here http://www.bis.doc.gov/licensing/exportingbasics.htm http://www.bis.doc.gov/licensing/do_i_needaneccn.html An incomprehensible description of the two numbers above is here http://www.access.gpo.gov/bis/ear/pdf/ccl5-pt2.pdf 1.14 How do I submit my patch? When you have made a patch or a change of whatever sort, and want to submit that to the project, there are a few different ways we prefer: o send a patch to the curl-library mailing list. We're many subscribers there and there are lots of people who can review patches, comment on them and "receive" them properly. o if your patch changes or fixes a bug, you can also opt to submit a bug report in the bug tracker and attach your patch there. There are less people involved there. Lots of more details are found in the CONTRIBUTE and INTERNALS docs. 1.15 How do I port libcurl to my OS? Here's a rough step-by-step: 1. copy a suitable lib/config-*.h file as a start to lib/config-[youros].h 2. edit lib/config-[youros].h to match your OS and setup 3. edit lib/curl_setup.h to include config-[youros].h when your OS is detected by the preprocessor, in the style others already exist 4. compile lib/*.c and make them into a library 2. Install Related Problems 2.1 configure doesn't find OpenSSL even when it is installed This may be because of several reasons. 2.1.1 native linker doesn't find openssl Affected platforms: Solaris (native cc compiler) HPUX (native cc compiler) SGI IRIX (native cc compiler) SCO UNIX (native cc compiler) When configuring curl, I specify --with-ssl. OpenSSL is installed in /usr/local/ssl Configure reports SSL in /usr/local/ssl, but fails to find CRYPTO_lock in -lcrypto Cause: The cc for this test places the -L/usr/local/ssl/lib AFTER -lcrypto, so ld can't find the library. This is due to a bug in the GNU autoconf tool. Workaround: Specifying "LDFLAGS=-L/usr/local/ssl/lib" in front of ./configure places the -L/usr/local/ssl/lib early enough in the command line to make things work 2.1.2 only the libssl lib is missing If all include files and the libcrypto lib is present, with only the libssl being missing according to configure, this is most likely because a few functions are left out from the libssl. If the function names missing include RSA or RSAREF you can be certain that this is because libssl requires the RSA and RSAREF libs to build. See the INSTALL file section that explains how to add those libs to configure. Make sure that you remove the config.cache file before you rerun configure with the new flags. 2.2 Does curl work/build with other SSL libraries? Curl has been written to use a generic SSL function layer internally, and that SSL functionality can then be provided by one out of many different SSL backends. curl can be built to use one of the following SSL alternatives: OpenSSL, GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X), WinSSL (native Windows) or GSKit (native IBM i). They all have their pros and cons, and we try to maintain a comparison of them here: https://curl.haxx.se/docs/ssl-compared.html 2.3 Where can I find a copy of LIBEAY32.DLL? That is an OpenSSL binary built for Windows. Curl can be built with OpenSSL to do the SSL stuff. The LIBEAY32.DLL is then what curl needs on a windows machine to do https:// etc. Check out the curl web site to find accurate and up-to-date pointers to recent OpenSSL DLLs and other binary packages. 2.4 Does curl support SOCKS (RFC 1928) ? Yes, SOCKS 4 and 5 are supported. 2.5 Install libcurl for both 32bit and 64bit? In curl's configure procedure one of the regular include files gets created with platform specific information. The file 'curl/curlbuild.h' in the installed libcurl file tree is therefore somewhat tied to that particular platform. To allow applications to get built for either 32bit or 64bit you need to install libcurl headers for both setups and unfortunately curl doesn't do this automatically. A commonly used procedure is this: $ ./configure [32bit platform] $ mv curl/curlbuild.h curl/curlbuild-32bit.h $ ./configure [64bit platform] $ mv curl/curlbuild.h curl/curlbuild-64bit.h Then you make a toplevel curl/curlbuild.h replacement that only does this: #ifdef IS_32BIT #include "curlbuild-32bit.h" else #include "curlbuild-64bit.h" #endif 3. Usage problems 3.1 curl: (1) SSL is disabled, https: not supported If you get this output when trying to get anything from a https:// server, it means that the instance of curl/libcurl that you're using was built without support for this protocol. This could've happened if the configure script that was run at build time couldn't find all libs and include files curl requires for SSL to work. If the configure script fails to find them, curl is simply built without SSL support. To get the https:// support into a curl that was previously built but that reports that https:// is not supported, you should dig through the document and logs and check out why the configure script doesn't find the SSL libs and/or include files. Also, check out the other paragraph in this FAQ labelled "configure doesn't find OpenSSL even when it is installed". 3.2 How do I tell curl to resume a transfer? Curl supports resumed transfers both ways on both FTP and HTTP. Try the -C option. 3.3 Why doesn't my posting using -F work? You can't arbitrarily use -F or -d, the choice between -F or -d depends on the HTTP operation you need curl to do and what the web server that will receive your post expects. If the form you're trying to submit uses the type 'multipart/form-data', then and only then you must use the -F type. In all the most common cases, you should use -d which then causes a posting with the type 'application/x-www-form-urlencoded'. This is described in some detail in the MANUAL and TheArtOfHttpScripting documents, and if you don't understand it the first time, read it again before you post questions about this to the mailing list. Also, try reading through the mailing list archives for old postings and questions regarding this. 3.4 How do I tell curl to run custom FTP commands? You can tell curl to perform optional commands both before and/or after a file transfer. Study the -Q/--quote option. Since curl is used for file transfers, you don't normally use curl to perform FTP commands without transferring anything. Therefore you must always specify a URL to transfer to/from even when doing custom FTP commands, or use -I which implies the "no body" option sent to libcurl. 3.5 How can I disable the Accept: */* header? You can change all internally generated headers by adding a replacement with the -H/--header option. By adding a header with empty contents you safely disable that one. Use -H "Accept:" to disable that specific header. 3.6 Does curl support ASP, XML, XHTML or HTML version Y? To curl, all contents are alike. It doesn't matter how the page was generated. It may be ASP, PHP, Perl, shell-script, SSI or plain HTML files. There's no difference to curl and it doesn't even know what kind of language that generated the page. See also item 3.14 regarding javascript. 3.7 Can I use curl to delete/rename a file through FTP? Yes. You specify custom FTP commands with -Q/--quote. One example would be to delete a file after you have downloaded it: curl -O ftp://download.com/coolfile -Q '-DELE coolfile' or rename a file after upload: curl -T infile ftp://upload.com/dir/ -Q "-RNFR infile" -Q "-RNTO newname" 3.8 How do I tell curl to follow HTTP redirects? Curl does not follow so-called redirects by default. The Location: header that informs the client about this is only interpreted if you're using the -L/--location option. As in: curl -L http://redirector.com Not all redirects are HTTP ones, see 4.14 3.9 How do I use curl in my favorite programming language? There exist many language interfaces/bindings for curl that integrates it better with various languages. If you are fluid in a script language, you may very well opt to use such an interface instead of using the command line tool. Find out more about which languages that support curl directly, and how to install and use them, in the libcurl section of the curl web site: https://curl.haxx.se/libcurl/ All the various bindings to libcurl are made by other projects and people, outside of the cURL project. The cURL project itself only produces libcurl with its plain C API. If you don't find anywhere else to ask you can ask about bindings on the curl-library list too, but be prepared that people on that list may not know anything about bindings. In October 2009, there were interfaces available for the following languages: Ada95, Basic, C, C++, Ch, Cocoa, D, Dylan, Eiffel, Euphoria, Ferite, Gambas, glib/GTK+, Haskell, ILE/RPG, Java, Lisp, Lua, Mono, .NET, Object-Pascal, O'Caml, Pascal, Perl, PHP, PostgreSQL, Python, R, Rexx, Ruby, Scheme, S-Lang, Smalltalk, SP-Forth, SPL, Tcl, Visual Basic, Visual FoxPro, Q, wxwidgets and XBLite. By the time you read this, additional ones may have appeared! 3.10 What about SOAP, WebDAV, XML-RPC or similar protocols over HTTP? Curl adheres to the HTTP spec, which basically means you can play with *any* protocol that is built on top of HTTP. Protocols such as SOAP, WEBDAV and XML-RPC are all such ones. You can use -X to set custom requests and -H to set custom headers (or replace internally generated ones). Using libcurl is of course just as good and you'd just use the proper library options to do the same. 3.11 How do I POST with a different Content-Type? You can always replace the internally generated headers with -H/--header. To make a simple HTTP POST with text/xml as content-type, do something like: curl -d "datatopost" -H "Content-Type: text/xml" [URL] 3.12 Why do FTP specific features over HTTP proxy fail? Because when you use a HTTP proxy, the protocol spoken on the network will be HTTP, even if you specify a FTP URL. This effectively means that you normally can't use FTP specific features such as FTP upload and FTP quote etc. There is one exception to this rule, and that is if you can "tunnel through" the given HTTP proxy. Proxy tunneling is enabled with a special option (-p) and is generally not available as proxy admins usually disable tunneling to ports other than 443 (which is used for HTTPS access through proxies). 3.13 Why does my single/double quotes fail? To specify a command line option that includes spaces, you might need to put the entire option within quotes. Like in: curl -d " with spaces " url.com or perhaps curl -d ' with spaces ' url.com Exactly what kind of quotes and how to do this is entirely up to the shell or command line interpreter that you are using. For most unix shells, you can more or less pick either single (') or double (") quotes. For Windows/DOS prompts I believe you're forced to use double (") quotes. Please study the documentation for your particular environment. Examples in the curl docs will use a mix of both of these as shown above. You must adjust them to work in your environment. Remember that curl works and runs on more operating systems than most single individuals have ever tried. 3.14 Does curl support Javascript or PAC (automated proxy config)? Many web pages do magic stuff using embedded Javascript. Curl and libcurl have no built-in support for that, so it will be treated just like any other contents. .pac files are a netscape invention and are sometimes used by organizations to allow them to differentiate which proxies to use. The .pac contents is just a Javascript program that gets invoked by the browser and that returns the name of the proxy to connect to. Since curl doesn't support Javascript, it can't support .pac proxy configuration either. Some workarounds usually suggested to overcome this Javascript dependency: Depending on the Javascript complexity, write up a script that translates it to another language and execute that. Read the Javascript code and rewrite the same logic in another language. Implement a Javascript interpreter, people have successfully used the Mozilla Javascript engine in the past. Ask your admins to stop this, for a static proxy setup or similar. 3.15 Can I do recursive fetches with curl? No. curl itself has no code that performs recursive operations, such as those performed by wget and similar tools. There exists wrapper scripts with that functionality (for example the curlmirror perl script), and you can write programs based on libcurl to do it, but the command line tool curl itself cannot. 3.16 What certificates do I need when I use SSL? There are three different kinds of "certificates" to keep track of when we talk about using SSL-based protocols (HTTPS or FTPS) using curl or libcurl. CLIENT CERTIFICATE The server you communicate with may require that you can provide this in order to prove that you actually are who you claim to be. If the server doesn't require this, you don't need a client certificate. A client certificate is always used together with a private key, and the private key has a pass phrase that protects it. SERVER CERTIFICATE The server you communicate with has a server certificate. You can and should verify this certificate to make sure that you are truly talking to the real server and not a server impersonating it. CERTIFICATE AUTHORITY CERTIFICATE ("CA cert") You often have several CA certs in a CA cert bundle that can be used to verify a server certificate that was signed by one of the authorities in the bundle. curl does not come with a CA cert bundle but most curl installs provide one. You can also override the default. The server certificate verification process is made by using a Certificate Authority certificate ("CA cert") that was used to sign the server certificate. Server certificate verification is enabled by default in curl and libcurl and is often the reason for problems as explained in FAQ entry 4.12 and the SSLCERTS document (https://curl.haxx.se/docs/sslcerts.html). Server certificates that are "self-signed" or otherwise signed by a CA that you do not have a CA cert for, cannot be verified. If the verification during a connect fails, you are refused access. You then need to explicitly disable the verification to connect to the server. 3.17 How do I list the root dir of an FTP server? There are two ways. The way defined in the RFC is to use an encoded slash in the first path part. List the "/tmp" dir like this: curl ftp://ftp.sunet.se/%2ftmp/ or the not-quite-kosher-but-more-readable way, by simply starting the path section of the URL with a slash: curl ftp://ftp.sunet.se//tmp/ 3.18 Can I use curl to send a POST/PUT and not wait for a response? No. But you could easily write your own program using libcurl to do such stunts. 3.19 How do I get HTTP from a host using a specific IP address? For example, you may be trying out a web site installation that isn't yet in the DNS. Or you have a site using multiple IP addresses for a given host name and you want to address a specific one out of the set. Set a custom Host: header that identifies the server name you want to reach but use the target IP address in the URL: curl --header "Host: www.example.com" http://127.0.0.1/ You can also opt to add faked host name entries to curl with the --resolve option. That has the added benefit that things like redirects will also work properly. The above operation would instead be done as: curl --resolve www.example.com:80:127.0.0.1 http://www.example.com/ 3.20 How to SFTP from my user's home directory? Contrary to how FTP works, SFTP and SCP URLs specify the exact directory to work with. It means that if you don't specify that you want the user's home directory, you get the actual root directory. To specify a file in your user's home directory, you need to use the correct URL syntax which for sftp might look similar to: curl -O -u user:password sftp://example.com/~/file.txt and for SCP it is just a different protocol prefix: curl -O -u user:password scp://example.com/~/file.txt 3.21 Protocol xxx not supported or disabled in libcurl When passing on a URL to curl to use, it may respond that the particular protocol is not supported or disabled. The particular way this error message is phrased is because curl doesn't make a distinction internally of whether a particular protocol is not supported (i.e. never got any code added that knows how to speak that protocol) or if it was explicitly disabled. curl can be built to only support a given set of protocols, and the rest would then be disabled or not supported. Note that this error will also occur if you pass a wrongly spelled protocol part as in "htpt://example.com" or as in the less evident case if you prefix the protocol part with a space as in " http://example.com/". 3.22 curl -X gives me HTTP problems In normal circumstances, -X should hardly ever be used. By default you use curl without explicitly saying which request method to use when the URL identifies a HTTP transfer. If you just pass in a URL like "curl http://example.com" it will use GET. If you use -d or -F curl will use POST, -I will cause a HEAD and -T will make it a PUT. If for whatever reason you're not happy with these default choices that curl does for you, you can override those request methods by specifying -X [WHATEVER]. This way you can for example send a DELETE by doing "curl -X DELETE [URL]". It is thus pointless to do "curl -XGET [URL]" as GET would be used anyway. In the same vein it is pointless to do "curl -X POST -d data [URL]"... But you can make a fun and somewhat rare request that sends a request-body in a GET request with something like "curl -X GET -d data [URL]" Note that -X doesn't actually change curl's behavior as it only modifies the actual string sent in the request, but that may of course trigger a different set of events. Accordingly, by using -XPOST on a command line that for example would follow a 303 redirect, you will effectively prevent curl from behaving correctly. Be aware. 4. Running Problems 4.1 Problems connecting to SSL servers. It took a very long time before we could sort out why curl had problems to connect to certain SSL servers when using SSLeay or OpenSSL v0.9+. The error sometimes showed up similar to: 16570:error:1407D071:SSL routines:SSL2_READ:bad mac decode:s2_pkt.c:233: It turned out to be because many older SSL servers don't deal with SSLv3 requests properly. To correct this problem, tell curl to select SSLv2 from the command line (-2/--sslv2). There have also been examples where the remote server didn't like the SSLv2 request and instead you had to force curl to use SSLv3 with -3/--sslv3. 4.2 Why do I get problems when I use & or % in the URL? In general unix shells, the & symbol is treated specially and when used, it runs the specified command in the background. To safely send the & as a part of a URL, you should quote the entire URL by using single (') or double (") quotes around it. Similar problems can also occur on some shells with other characters, including ?*!$~(){}<>\|;`. When in doubt, quote the URL. An example that would invoke a remote CGI that uses &-symbols could be: curl 'http://www.altavista.com/cgi-bin/query?text=yes&q=curl' In Windows, the standard DOS shell treats the percent sign specially and you need to use TWO percent signs for each single one you want to use in the URL. If you want a literal percent sign to be part of the data you pass in a POST using -d/--data you must encode it as '%25' (which then also needs the percent sign doubled on Windows machines). 4.3 How can I use {, }, [ or ] to specify multiple URLs? Because those letters have a special meaning to the shell, to be used in a URL specified to curl you must quote them. An example that downloads two URLs (sequentially) would be: curl '{curl,www}.haxx.se' To be able to use those characters as actual parts of the URL (without using them for the curl URL "globbing" system), use the -g/--globoff option: curl -g 'www.site.com/weirdname[].html' 4.4 Why do I get downloaded data even though the web page doesn't exist? Curl asks remote servers for the page you specify. If the page doesn't exist at the server, the HTTP protocol defines how the server should respond and that means that headers and a "page" will be returned. That's simply how HTTP works. By using the --fail option you can tell curl explicitly to not get any data if the HTTP return code doesn't say success. 4.5 Why do I get return code XXX from a HTTP server? RFC2616 clearly explains the return codes. This is a short transcript. Go read the RFC for exact details: 4.5.1 "400 Bad Request" The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. 4.5.2 "401 Unauthorized" The request requires user authentication. 4.5.3 "403 Forbidden" The server understood the request, but is refusing to fulfil it. Authorization will not help and the request SHOULD NOT be repeated. 4.5.4 "404 Not Found" The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. 4.5.5 "405 Method Not Allowed" The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource. 4.5.6 "301 Moved Permanently" If you get this return code and an HTML output similar to this: <H1>Moved Permanently</H1> The document has moved <A HREF="http://same_url_now_with_a_trailing_slash/">here</A>. it might be because you request a directory URL but without the trailing slash. Try the same operation again _with_ the trailing URL, or use the -L/--location option to follow the redirection. 4.6 Can you tell me what error code 142 means? All curl error codes are described at the end of the man page, in the section called "EXIT CODES". Error codes that are larger than the highest documented error code means that curl has exited due to a crash. This is a serious error, and we appreciate a detailed bug report from you that describes how we could go ahead and repeat this! 4.7 How do I keep user names and passwords secret in Curl command lines? This problem has two sides: The first part is to avoid having clear-text passwords in the command line so that they don't appear in 'ps' outputs and similar. That is easily avoided by using the "-K" option to tell curl to read parameters from a file or stdin to which you can pass the secret info. curl itself will also attempt to "hide" the given password by blanking out the option - this doesn't work on all platforms. To keep the passwords in your account secret from the rest of the world is not a task that curl addresses. You could of course encrypt them somehow to at least hide them from being read by human eyes, but that is not what anyone would call security. Also note that regular HTTP (using Basic authentication) and FTP passwords are sent in clear across the network. All it takes for anyone to fetch them is to listen on the network. Eavesdropping is very easy. Use more secure authentication methods (like Digest, Negotiate or even NTLM) or consider the SSL-based alternatives HTTPS and FTPS. 4.8 I found a bug! It is not a bug if the behavior is documented. Read the docs first. Especially check out the KNOWN_BUGS file, it may be a documented bug! If it is a problem with a binary you've downloaded or a package for your particular platform, try contacting the person who built the package/archive you have. If there is a bug, read the BUGS document first. Then report it as described in there. 4.9 Curl can't authenticate to the server that requires NTLM? NTLM support requires OpenSSL, GnuTLS, mbedTLS, NSS, Secure Transport, or Microsoft Windows libraries at build-time to provide this functionality. NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You should not use such ones. 4.10 My HTTP request using HEAD, PUT or DELETE doesn't work! Many web servers allow or demand that the administrator configures the server properly for these requests to work on the web server. Some servers seem to support HEAD only on certain kinds of URLs. To fully grasp this, try the documentation for the particular server software you're trying to interact with. This is not anything curl can do anything about. 4.11 Why does my HTTP range requests return the full document? Because the range may not be supported by the server, or the server may choose to ignore it and return the full document anyway. 4.12 Why do I get "certificate verify failed" ? You invoke curl 7.10 or later to communicate on a https:// URL and get an error back looking something similar to this: curl: (35) SSL: error:14090086:SSL routines: SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Then it means that curl couldn't verify that the server's certificate was good. Curl verifies the certificate using the CA cert bundle that comes with the curl installation. To disable the verification (which makes it act like curl did before 7.10), use -k. This does however enable man-in-the-middle attacks. If you get this failure but are having a CA cert bundle installed and used, the server's certificate is not signed by one of the CA's in the bundle. It might for example be self-signed. You then correct this problem by obtaining a valid CA cert for the server. Or again, decrease the security by disabling this check. Details are also in the SSLCERTS file in the release archives, found online here: https://curl.haxx.se/docs/sslcerts.html 4.13 Why is curl -R on Windows one hour off? Since curl 7.53.0 this issue should be fixed as long as curl was built with any modern compiler that allows for a 64-bit curl_off_t type. For older compilers or prior curl versions it may set a time that appears one hour off. This happens due to a flaw in how Windows stores and uses file modification times and it is not easily worked around. For more details read this: http://www.codeproject.com/datetime/dstbugs.asp 4.14 Redirects work in browser but not with curl! curl supports HTTP redirects well (see item 3.8). Browsers generally support at least two other ways to perform redirects that curl does not: Meta tags. You can write a HTML tag that will cause the browser to redirect to another given URL after a certain time. Javascript. You can write a Javascript program embedded in a HTML page that redirects the browser to another given URL. There is no way to make curl follow these redirects. You must either manually figure out what the page is set to do, or you write a script that parses the results and fetches the new URL. 4.15 FTPS doesn't work curl supports FTPS (sometimes known as FTP-SSL) both implicit and explicit mode. When a URL is used that starts with FTPS://, curl assumes implicit SSL on the control connection and will therefore immediately connect and try to speak SSL. FTPS:// connections default to port 990. To use explicit FTPS, you use a FTP:// URL and the --ftp-ssl option (or one of its related flavours). This is the most common method, and the one mandated by RFC4217. This kind of connection will then of course use the standard FTP port 21 by default. 4.16 My HTTP POST or PUT requests are slow! libcurl makes all POST and PUT requests (except for POST requests with a very tiny request body) use the "Expect: 100-continue" header. This header allows the server to deny the operation early so that libcurl can bail out before having to send any data. This is useful in authentication cases and others. However, many servers don't implement the Expect: stuff properly and if the server doesn't respond (positively) within 1 second libcurl will continue and send off the data anyway. You can disable libcurl's use of the Expect: header the same way you disable any header, using -H / CURLOPT_HTTPHEADER, or by forcing it to use HTTP 1.0. 4.17 Non-functional connect timeouts In most Windows setups having a timeout longer than 21 seconds make no difference, as it will only send 3 TCP SYN packets and no more. The second packet sent three seconds after the first and the third six seconds after the second. No more than three packets are sent, no matter how long the timeout is set. See option TcpMaxConnectRetransmissions on this page: https://support.microsoft.com/en-us/kb/175523/en-us Also, even on non-Windows systems there may run a firewall or anti-virus software or similar that accepts the connection but does not actually do anything else. This will make (lib)curl to consider the connection connected and thus the connect timeout won't trigger. 4.18 file:// URLs containing drive letters (Windows, NetWare) When using curl to try to download a local file, one might use a URL in this format: file://D:/blah.txt You'll find that even if D:\blah.txt does exist, curl returns a 'file not found' error. According to RFC 1738 (https://www.ietf.org/rfc/rfc1738.txt), file:// URLs must contain a host component, but it is ignored by most implementations. In the above example, 'D:' is treated as the host component, and is taken away. Thus, curl tries to open '/blah.txt'. If your system is installed to drive C:, that will resolve to 'C:\blah.txt', and if that doesn't exist you will get the not found error. To fix this problem, use file:// URLs with *three* leading slashes: file:///D:/blah.txt Alternatively, if it makes more sense, specify 'localhost' as the host component: file://localhost/D:/blah.txt In either case, curl should now be looking for the correct file. 4.19 Why doesn't curl return an error when the network cable is unplugged? Unplugging a cable is not an error situation. The TCP/IP protocol stack was designed to be fault tolerant, so even though there may be a physical break somewhere the connection shouldn't be affected, just possibly delayed. Eventually, the physical break will be fixed or the data will be re-routed around the physical problem through another path. In such cases, the TCP/IP stack is responsible for detecting when the network connection is irrevocably lost. Since with some protocols it is perfectly legal for the client to wait indefinitely for data, the stack may never report a problem, and even when it does, it can take up to 20 minutes for it to detect an issue. The curl option --keepalive-time enables keep-alive support in the TCP/IP stack which makes it periodically probe the connection to make sure it is still available to send data. That should reliably detect any TCP/IP network failure. But even that won't detect the network going down before the TCP/IP connection is established (e.g. during a DNS lookup) or using protocols that don't use TCP. To handle those situations, curl offers a number of timeouts on its own. --speed-limit/--speed-time will abort if the data transfer rate falls too low, and --connect-timeout and --max-time can be used to put an overall timeout on the connection phase or the entire transfer. A libcurl-using application running in a known physical environment (e.g. an embedded device with only a single network connection) may want to act immediately if its lone network connection goes down. That can be achieved by having the application monitor the network connection on its own using an OS-specific mechanism, then signalling libcurl to abort (see also item 5.13). 4.20 curl doesn't return error for HTTP non-200 responses! Correct. Unless you use -f (--fail). When doing HTTP transfers, curl will perform exactly what you're asking it to do and if successful it will not return an error. You can use curl to test your web server's "file not found" page (that gets 404 back), you can use it to check your authentication protected web pages (that gets a 401 back) and so on. The specific HTTP response code does not constitute a problem or error for curl. It simply sends and delivers HTTP as you asked and if that worked, everything is fine and dandy. The response code is generally providing more higher level error information that curl doesn't care about. The error was not in the HTTP transfer. If you want your command line to treat error codes in the 400 and up range as errors and thus return a non-zero value and possibly show an error message, curl has a dedicated option for that: -f (CURLOPT_FAILONERROR in libcurl speak). You can also use the -w option and the variable %{response_code} to extract the exact response code that was returned in the response. 4.21 Why is there a HTTP/1.1 in my HTTP/2 request? If you use verbose to see the HTTP request when you send off a HTTP/2 request, it will still say 1.1. The reason for this is that we first generate the request to send using the old 1.1 style and show that request in the verbose output, and then we convert it over to the binary header-compressed HTTP/2 style. The actual "1.1" part from that request is then not actually used in the transfer. The binary HTTP/2 headers are not human readable. 5. libcurl Issues 5.1 Is libcurl thread-safe? Yes. We have written the libcurl code specifically adjusted for multi-threaded programs. libcurl will use thread-safe functions instead of non-safe ones if your system has such. Note that you must never share the same handle in multiple threads. There may be some exceptions to thread safety depending on how libcurl was built. Please review the guidelines for thread safety to learn more: https://curl.haxx.se/libcurl/c/threadsafe.html 5.2 How can I receive all data into a large memory chunk? [ See also the examples/getinmemory.c source ] You are in full control of the callback function that gets called every time there is data received from the remote server. You can make that callback do whatever you want. You do not have to write the received data to a file. One solution to this problem could be to have a pointer to a struct that you pass to the callback function. You set the pointer using the CURLOPT_WRITEDATA option. Then that pointer will be passed to the callback instead of a FILE * to a file: /* imaginary struct */ struct MemoryStruct { char *memory; size_t size; }; /* imaginary callback function */ size_t WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data) { size_t realsize = size * nmemb; struct MemoryStruct *mem = (struct MemoryStruct *)data; mem->memory = (char *)realloc(mem->memory, mem->size + realsize + 1); if (mem->memory) { memcpy(&(mem->memory[mem->size]), ptr, realsize); mem->size += realsize; mem->memory[mem->size] = 0; } return realsize; } 5.3 How do I fetch multiple files with libcurl? libcurl has excellent support for transferring multiple files. You should just repeatedly set new URLs with curl_easy_setopt() and then transfer it with curl_easy_perform(). The handle you get from curl_easy_init() is not only reusable, but you're even encouraged to reuse it if you can, as that will enable libcurl to use persistent connections. 5.4 Does libcurl do Winsock initialization on win32 systems? Yes, if told to in the curl_global_init() call. 5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on win32 ? Yes, but you cannot open a FILE * and pass the pointer to a DLL and have that DLL use the FILE * (as the DLL and the client application cannot access each others' variable memory areas). If you set CURLOPT_WRITEDATA you must also use CURLOPT_WRITEFUNCTION as well to set a function that writes the file, even if that simply writes the data to the specified FILE *. Similarly, if you use CURLOPT_READDATA you must also specify CURLOPT_READFUNCTION. 5.6 What about Keep-Alive or persistent connections? curl and libcurl have excellent support for persistent connections when transferring several files from the same server. Curl will attempt to reuse connections for all URLs specified on the same command line/config file, and libcurl will reuse connections for all transfers that are made using the same libcurl handle. When you use the easy interface the connection cache is kept within the easy handle. If you instead use the multi interface, the connection cache will be kept within the multi handle and will be shared among all the easy handles that are used within the same multi handle. 5.7 Link errors when building libcurl on Windows! You need to make sure that your project, and all the libraries (both static and dynamic) that it links against, are compiled/linked against the same run time library. This is determined by the /MD, /ML, /MT (and their corresponding /M?d) options to the command line compiler. /MD (linking against MSVCRT dll) seems to be the most commonly used option. When building an application that uses the static libcurl library, you must add -DCURL_STATICLIB to your CFLAGS. Otherwise the linker will look for dynamic import symbols. If you're using Visual Studio, you need to instead add CURL_STATICLIB in the "Preprocessor Definitions" section. If you get linker error like "unknown symbol __imp__curl_easy_init ..." you have linked against the wrong (static) library. If you want to use the libcurl.dll and import lib, you don't need any extra CFLAGS, but use one of the import libraries below. These are the libraries produced by the various lib/Makefile.* files: Target: static lib. import lib for libcurl*.dll. ----------------------------------------------------------- MingW: libcurl.a libcurldll.a MSVC (release): libcurl.lib libcurl_imp.lib MSVC (debug): libcurld.lib libcurld_imp.lib Borland: libcurl.lib libcurl_imp.lib 5.8 libcurl.so.X: open failed: No such file or directory This is an error message you might get when you try to run a program linked with a shared version of libcurl and your run-time linker (ld.so) couldn't find the shared library named libcurl.so.X. (Where X is the number of the current libcurl ABI, typically 3 or 4). You need to make sure that ld.so finds libcurl.so.X. You can do that multiple ways, and it differs somewhat between different operating systems, but they are usually: * Add an option to the linker command line that specify the hard-coded path the run-time linker should check for the lib (usually -R) * Set an environment variable (LD_LIBRARY_PATH for example) where ld.so should check for libs * Adjust the system's config to check for libs in the directory where you've put the dir (like Linux's /etc/ld.so.conf) 'man ld.so' and 'man ld' will tell you more details 5.9 How does libcurl resolve host names? libcurl supports a large a number of different name resolve functions. One of them is picked at build-time and will be used unconditionally. Thus, if you want to change name resolver function you must rebuild libcurl and tell it to use a different function. - The non-IPv6 resolver that can use one of four different host name resolve calls (depending on what your system supports): A - gethostbyname() B - gethostbyname_r() with 3 arguments C - gethostbyname_r() with 5 arguments D - gethostbyname_r() with 6 arguments - The IPv6-resolver that uses getaddrinfo() - The c-ares based name resolver that uses the c-ares library for resolves. Using this offers asynchronous name resolves. - The threaded resolver (default option on Windows). It uses: A - gethostbyname() on plain IPv4 hosts B - getaddrinfo() on IPv6 enabled hosts Also note that libcurl never resolves or reverse-lookups addresses given as pure numbers, such as 127.0.0.1 or ::1. 5.10 How do I prevent libcurl from writing the response to stdout? libcurl provides a default built-in write function that writes received data to stdout. Set the CURLOPT_WRITEFUNCTION to receive the data, or possibly set CURLOPT_WRITEDATA to a different FILE * handle. 5.11 How do I make libcurl not receive the whole HTTP response? You make the write callback (or progress callback) return an error and libcurl will then abort the transfer. 5.12 Can I make libcurl fake or hide my real IP address? No. libcurl operates on a higher level. Besides, faking IP address would imply sending IP packets with a made-up source address, and then you normally get a problem with receiving the packet sent back as they would then not be routed to you! If you use a proxy to access remote sites, the sites will not see your local IP address but instead the address of the proxy. Also note that on many networks NATs or other IP-munging techniques are used that makes you see and use a different IP address locally than what the remote server will see you coming from. You may also consider using https://www.torproject.org/ . 5.13 How do I stop an ongoing transfer? With the easy interface you make sure to return the correct error code from one of the callbacks, but none of them are instant. There is no function you can call from another thread or similar that will stop it immediately. Instead, you need to make sure that one of the callbacks you use returns an appropriate value that will stop the transfer. Suitable callbacks that you can do this with include the progress callback, the read callback and the write callback. If you're using the multi interface, you can also stop a transfer by removing the particular easy handle from the multi stack at any moment you think the transfer is done or when you wish to abort the transfer. 5.14 Using C++ non-static functions for callbacks? libcurl is a C library, it doesn't know anything about C++ member functions. You can overcome this "limitation" with relative ease using a static member function that is passed a pointer to the class: // f is the pointer to your object. static size_t YourClass::func(void *buffer, size_t sz, size_t n, void *f) { // Call non-static member function. static_cast<YourClass*>(f)->nonStaticFunction(); } // This is how you pass pointer to the static function: curl_easy_setopt(hcurl, CURLOPT_WRITEFUNCTION, YourClass::func); curl_easy_setopt(hcurl, CURLOPT_WRITEDATA, this); 5.15 How do I get an FTP directory listing? If you end the FTP URL you request with a slash, libcurl will provide you with a directory listing of that given directory. You can also set CURLOPT_CUSTOMREQUEST to alter what exact listing command libcurl would use to list the files. The follow-up question tends to be how is a program supposed to parse the directory listing. How does it know what's a file and what's a dir and what's a symlink etc. If the FTP server supports the MLSD command then it will return data in a machine-readable format that can be parsed for type. The types are specified by RFC3659 section 7.5.1. If MLSD is not supported then you have to work with what you're given. The LIST output format is entirely at the server's own liking and the NLST output doesn't reveal any types and in many cases doesn't even include all the directory entries. Also, both LIST and NLST tend to hide unix-style hidden files (those that start with a dot) by default so you need to do "LIST -a" or similar to see them. Example - List only directories. ftp.funet.fi supports MLSD and ftp.kernel.org does not: curl -s ftp.funet.fi/pub/ -X MLSD | \ perl -lne 'print if s/(?:^|;)type=dir;[^ ]+ (.+)$/$1/' curl -s ftp.kernel.org/pub/linux/kernel/ | \ perl -lne 'print if s/^d[-rwx]{9}(?: +[^ ]+){7} (.+)$/$1/' If you need to parse LIST output in libcurl one such existing list parser is available at https://cr.yp.to/ftpparse.html Versions of libcurl since 7.21.0 also provide the ability to specify a wildcard to download multiple files from one FTP directory. 5.16 I want a different time-out! Time and time again users realize that CURLOPT_TIMEOUT and CURLOPT_CONNECTIMEOUT are not sufficiently advanced or flexible to cover all the various use cases and scenarios applications end up with. libcurl offers many more ways to time-out operations. A common alternative is to use the CURLOPT_LOW_SPEED_LIMIT and CURLOPT_LOW_SPEED_TIME options to specify the lowest possible speed to accept before to consider the transfer timed out. The most flexible way is by writing your own time-out logic and using CURLOPT_PROGRESSFUNCTION (perhaps in combination with other callbacks) and use that to figure out exactly when the right condition is met when the transfer should get stopped. 5.17 Can I write a server with libcurl? No. libcurl offers no functions or building blocks to build any kind of internet protocol server. libcurl is only a client-side library. For server libraries, you need to continue your search elsewhere but there exist many good open source ones out there for most protocols you could possibly want a server for. And there are really good stand-alone ones that have been tested and proven for many years. There's no need for you to reinvent them! 5.18 Does libcurl use threads? Put simply: no, libcurl will execute in the same thread you call it in. All callbacks will be called in the same thread as the one you call libcurl in. If you want to avoid your thread to be blocked by the libcurl call, you make sure you use the non-blocking API which will do transfers asynchronously - but still in the same single thread. libcurl will potentially internally use threads for name resolving, if it was built to work like that, but in those cases it'll create the child threads by itself and they will only be used and then killed internally by libcurl and never exposed to the outside. 6. License Issues Curl and libcurl are released under a MIT/X derivate license. The license is very liberal and should not impose a problem for your project. This section is just a brief summary for the cases we get the most questions. (Parts of this section was much enhanced by Bjorn Reese.) We are not lawyers and this is not legal advice. You should probably consult one if you want true and accurate legal insights without our prejudice. Note especially that this section concerns the libcurl license only; compiling in features of libcurl that depend on other libraries (e.g. OpenSSL) may affect the licensing obligations of your application. 6.1 I have a GPL program, can I use the libcurl library? Yes! Since libcurl may be distributed under the MIT/X derivate license, it can be used together with GPL in any software. 6.2 I have a closed-source program, can I use the libcurl library? Yes! libcurl does not put any restrictions on the program that uses the library. 6.3 I have a BSD licensed program, can I use the libcurl library? Yes! libcurl does not put any restrictions on the program that uses the library. 6.4 I have a program that uses LGPL libraries, can I use libcurl? Yes! The LGPL license doesn't clash with other licenses. 6.5 Can I modify curl/libcurl for my program and keep the changes secret? Yes! The MIT/X derivate license practically allows you to do almost anything with the sources, on the condition that the copyright texts in the sources are left intact. 6.6 Can you please change the curl/libcurl license to XXXX? No. We have carefully picked this license after years of development and discussions and a large amount of people have contributed with source code knowing that this is the license we use. This license puts the restrictions we want on curl/libcurl and it does not spread to other programs or libraries that use it. It should be possible for everyone to use libcurl or curl in their projects, no matter what license they already have in use. 6.7 What are my obligations when using libcurl in my commercial apps? Next to none. All you need to adhere to is the MIT-style license (stated in the COPYING file) which basically says you have to include the copyright notice in "all copies" and that you may not use the copyright holder's name when promoting your software. You do not have to release any of your source code. You do not have to reveal or make public any changes to the libcurl source code. You do not have to broadcast to the world that you are using libcurl within your app. All we ask is that you disclose "the copyright notice and this permission notice" somewhere. Most probably like in the documentation or in the section where other third party dependencies already are mentioned and acknowledged. As can be seen here: https://curl.haxx.se/docs/companies.html and elsewhere, more and more companies are discovering the power of libcurl and take advantage of it even in commercial environments. 7. PHP/CURL Issues 7.1 What is PHP/CURL? The module for PHP that makes it possible for PHP programs to access curl- functions from within PHP. In the cURL project we call this module PHP/CURL to differentiate it from curl the command line tool and libcurl the library. The PHP team however does not refer to it like this (for unknown reasons). They call it plain CURL (often using all caps) or sometimes ext/curl, but both cause much confusion to users which in turn gives us a higher question load. 7.2 Who wrote PHP/CURL? PHP/CURL was initially written by Sterling Hughes. 7.3 Can I perform multiple requests using the same handle? Yes - at least in PHP version 4.3.8 and later (this has been known to not work in earlier versions, but the exact version when it started to work is unknown to me). After a transfer, you just set new options in the handle and make another transfer. This will make libcurl re-use the same connection if it can. 7.4 Does PHP/CURL have dependencies? PHP/CURL is a module that comes with the regular PHP package. It depends on and uses libcurl, so you need to have libcurl installed properly before PHP/CURL can be used. |
Added scriptlibs/softwareupdate/curl/docs/FEATURES.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| FEATURES curl tool - config file support - multiple URLs in a single command line - range "globbing" support: [0-13], {one,two,three} - multiple file upload on a single command line - custom maximum transfer rate - redirectable stderr - metalink support (*13) libcurl - full URL syntax with no length limit - custom maximum download time - custom least download speed acceptable - custom output result after completion - guesses protocol from host name unless specified - uses .netrc - progress bar with time statistics while downloading - "standard" proxy environment variables support - compiles on win32 (reported builds on 40+ operating systems) - selectable network interface for outgoing traffic - IPv6 support on unix and Windows - persistent connections - socks 4 + 5 support, with or without local name resolving - supports user name and password in proxy environment variables - operations through proxy "tunnel" (using CONNECT) - support for large files (>2GB and >4GB) during upload and download - replaceable memory functions (malloc, free, realloc, etc) - asynchronous name resolving (*6) - both a push and a pull style interface - international domain names (*11) HTTP - HTTP/1.1 compliant (optionally uses 1.0) - GET - PUT - HEAD - POST - Pipelining - multipart formpost (RFC1867-style) - authentication: Basic, Digest, NTLM (*9) and Negotiate (SPNEGO) (*3) to server and proxy - resume (both GET and PUT) - follow redirects - maximum amount of redirects to follow - custom HTTP request - cookie get/send fully parsed - reads/writes the netscape cookie file format - custom headers (replace/remove internally generated headers) - custom user-agent string - custom referrer string - range - proxy authentication - time conditions - via http-proxy - retrieve file modification date - Content-Encoding support for deflate and gzip - "Transfer-Encoding: chunked" support in uploads - data compression (*12) - HTTP/2 (*5) HTTPS (*1) - (all the HTTP features) - using client certificates - verify server certificate - via http-proxy - select desired encryption - force usage of a specific SSL version (SSLv2 (*7), SSLv3 (*10) or TLSv1) FTP - download - authentication - Kerberos 5 (*14) - active/passive using PORT, EPRT, PASV or EPSV - single file size information (compare to HTTP HEAD) - 'type=' URL support - dir listing - dir listing names-only - upload - upload append - upload via http-proxy as HTTP PUT - download resume - upload resume - custom ftp commands (before and/or after the transfer) - simple "range" support - via http-proxy - all operations can be tunneled through a http-proxy - customizable to retrieve file modification date - no dir depth limit FTPS (*1) - implicit ftps:// support that use SSL on both connections - explicit "AUTH TLS" and "AUTH SSL" usage to "upgrade" plain ftp:// connection to use SSL for both or one of the connections SCP (*8) - both password and public key auth SFTP (*8) - both password and public key auth - with custom commands sent before/after the transfer TFTP - download - upload TELNET - connection negotiation - custom telnet options - stdin/stdout I/O LDAP (*2) - full LDAP URL support DICT - extended DICT URL support FILE - URL support - upload - resume SMB - SMBv1 over TCP and SSL - download - upload - authentication with NTLMv1 SMTP - authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9), Kerberos 5 (*4) and External. - send e-mails - mail from support - mail size support - mail auth support for trusted server-to-server relaying - multiple recipients - via http-proxy SMTPS (*1) - implicit smtps:// support - explicit "STARTTLS" usage to "upgrade" plain smtp:// connections to use SSL - via http-proxy POP3 - authentication: Clear Text, APOP and SASL - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9), Kerberos 5 (*4) and External. - list e-mails - retrieve e-mails - enhanced command support for: CAPA, DELE, TOP, STAT, UIDL and NOOP via custom requests - via http-proxy POP3S (*1) - implicit pop3s:// support - explicit "STLS" usage to "upgrade" plain pop3:// connections to use SSL - via http-proxy IMAP - authentication: Clear Text and SASL - SASL based authentication: Plain, Login, CRAM-MD5, Digest-MD5, NTLM (*9), Kerberos 5 (*4) and External. - list the folders of a mailbox - select a mailbox with support for verifying the UIDVALIDITY - fetch e-mails with support for specifying the UID and SECTION - upload e-mails via the append command - enhanced command support for: EXAMINE, CREATE, DELETE, RENAME, STATUS, STORE, COPY and UID via custom requests - via http-proxy IMAPS (*1) - implicit imaps:// support - explicit "STARTTLS" usage to "upgrade" plain imap:// connections to use SSL - via http-proxy FOOTNOTES ========= *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, WinSSL (native Windows), Secure Transport (native iOS/OS X) or GSKit (native IBM i) *2 = requires OpenLDAP *3 = requires a GSS-API implementation (such as Heimdal or MIT Kerberos) or SSPI (native Windows) *4 = requires a GSS-API implementation, however, only Windows SSPI is currently supported *5 = requires nghttp2 and possibly a recent TLS library *6 = requires c-ares *7 = requires OpenSSL, NSS, GSKit, WinSSL or Secure Transport; GnuTLS, for example, only supports SSLv3 and TLSv1 *8 = requires libssh2 *9 = requires OpenSSL, GnuTLS, mbedTLS, NSS, yassl, Secure Transport or SSPI (native Windows) *10 = requires any of the SSL libraries in (*1) above other than axTLS, which does not support SSLv3 *11 = requires libidn or Windows *12 = requires libz *13 = requires libmetalink, and either an Apple or Microsoft operating system, or OpenSSL, or GnuTLS, or NSS *14 = requires a GSS-API implementation (such as Heimdal or MIT Kerberos) |
Added scriptlibs/softwareupdate/curl/docs/HISTORY.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 | How curl Became Like This ========================= Towards the end of 1996, Daniel Stenberg was spending time writing an IRC bot for an Amiga related channel on EFnet. He then came up with the idea to make currency-exchange calculations available to Internet Relay Chat (IRC) users. All the necessary data were published on the Web; he just needed to automate their retrieval. Daniel simply adopted an existing command-line open-source tool, httpget, that Brazilian Rafael Sagula had written and recently released version 0.1 of. After a few minor adjustments, it did just what he needed. 1997 ---- HttpGet 1.0 was released on April 8th 1997 with brand new HTTP proxy support. We soon found and fixed support for getting currencies over GOPHER. Once FTP download support was added, the name of the project was changed and urlget 2.0 was released in August 1997. The http-only days were already passed. 1998 ---- The project slowly grew bigger. When upload capabilities were added and the name once again was misleading, a second name change was made and on March 20, 1998 curl 4 was released. (The version numbering from the previous names was kept.) (Unrelated to this project a company called Curl Corporation registered a US trademark on the name "CURL" on May 18 1998. That company had then already registered the curl.com domain back in November of the previous year. All this was revealed to us much later.) SSL support was added, powered by the SSLeay library. August: first announcement of curl on freshmeat.net. October: with the curl 4.9 release and the introduction of cookie support, curl was no longer released under the GPL license. Now we're at 4000 lines of code, we switched over to the MPL license to restrict the effects of "copyleft". November: configure script and reported successful compiles on several major operating systems. The never-quite-understood -F option was added and curl could now simulate quite a lot of a browser. TELNET support was added. Curl 5 was released in December 1998 and introduced the first ever curl man page. People started making Linux RPM packages out of it. 1999 ---- January: DICT support added. OpenSSL took over and SSLeay was abandoned. May: first Debian package. August: LDAP:// and FILE:// support added. The curl web site gets 1300 visits weekly. Moved site to curl.haxx.nu. September: Released curl 6.0. 15000 lines of code. December 28: added the project on Sourceforge and started using its services for managing the project. 2000 ---- Spring: major internal overhaul to provide a suitable library interface. The first non-beta release was named 7.1 and arrived in August. This offered the easy interface and turned out to be the beginning of actually getting other software and programs to be based on and powered by libcurl. Almost 20000 lines of code. June: the curl site moves to "curl.haxx.se" August, the curl web site gets 4000 visits weekly. The PHP guys adopted libcurl already the same month, when the first ever third party libcurl binding showed up. CURL has been a supported module in PHP since the release of PHP 4.0.2. This would soon get followers. More than 16 different bindings exist at the time of this writing. September: kerberos4 support was added. November: started the work on a test suite for curl. It was later re-written from scratch again. The libcurl major SONAME number was set to 1. 2001 ---- January: Daniel released curl 7.5.2 under a new license again: MIT (or MPL). The MIT license is extremely liberal and can be combined with GPL in other projects. This would finally put an end to the "complaints" from people involved in GPLed projects that previously were prohibited from using libcurl while it was released under MPL only. (Due to the fact that MPL is deemed "GPL incompatible".) March 22: curl supports HTTP 1.1 starting with the release of 7.7. This also introduced libcurl's ability to do persistent connections. 24000 lines of code. The libcurl major SONAME number was bumped to 2 due to this overhaul. The first experimental ftps:// support was added. August: curl is bundled in Mac OS X, 10.1. It was already becoming more and more of a standard utility of Linux distributions and a regular in the BSD ports collections. The curl web site gets 8000 visits weekly. Curl Corporation contacted Daniel to discuss "the name issue". After Daniel's reply, they have never since got back in touch again. September: libcurl 7.9 introduces cookie jar and curl_formadd(). During the forthcoming 7.9.x releases, we introduced the multi interface slowly and without many whistles. 2002 ---- June: the curl web site gets 13000 visits weekly. curl and libcurl is 35000 lines of code. Reported successful compiles on more than 40 combinations of CPUs and operating systems. To estimate number of users of the curl tool or libcurl library is next to impossible. Around 5000 downloaded packages each week from the main site gives a hint, but the packages are mirrored extensively, bundled with numerous OS distributions and otherwise retrieved as part of other software. September: with the release of curl 7.10 it is released under the MIT license only. 2003 ---- January: Started working on the distributed curl tests. The autobuilds. February: the curl site averages at 20000 visits weekly. At any given moment, there's an average of 3 people browsing the curl.haxx.se site. Multiple new authentication schemes are supported: Digest (May), NTLM (June) and Negotiate (June). November: curl 7.10.8 is released. 45000 lines of code. ~55000 unique visitors to the curl.haxx.se site. Five official web mirrors. December: full-fledged SSL for FTP is supported. 2004 ---- January: curl 7.11.0 introduced large file support. June: curl 7.12.0 introduced IDN support. 10 official web mirrors. This release bumped the major SONAME to 3 due to the removal of the curl_formparse() function August: Curl and libcurl 7.12.1 Public curl release number: 82 Releases counted from the very beginning: 109 Available command line options: 96 Available curl_easy_setopt() options: 120 Number of public functions in libcurl: 36 Amount of public web site mirrors: 12 Number of known libcurl bindings: 26 2005 ---- April: GnuTLS can now optionally be used for the secure layer when curl is built. April: Added the multi_socket() API September: TFTP support was added. More than 100,000 unique visitors of the curl web site. 25 mirrors. December: security vulnerability: libcurl URL Buffer Overflow 2006 ---- January: We dropped support for Gopher. We found bugs in the implementation that turned out to have been introduced years ago, so with the conclusion that nobody had found out in all this time we removed it instead of fixing it. March: security vulnerability: libcurl TFTP Packet Buffer Overflow September: The major SONAME number for libcurl was bumped to 4 due to the removal of ftp third party transfer support. November: Added SCP and SFTP support 2007 ---- February: Added support for the Mozilla NSS library to do the SSL/TLS stuff July: security vulnerability: libcurl GnuTLS insufficient cert verification 2008 ---- November: Command line options: 128 curl_easy_setopt() options: 158 Public functions in libcurl: 58 Known libcurl bindings: 37 Contributors: 683 145,000 unique visitors. >100 GB downloaded. 2009 ---- March: security vulnerability: libcurl Arbitrary File Access August: security vulnerability: libcurl embedded zero in cert name December: Added support for IMAP, POP3 and SMTP 2010 ---- January: Added support for RTSP February: security vulnerability: libcurl data callback excessive length March: The project switched over to use git (hosted by github) instead of CVS for source code control May: Added support for RTMP Added support for PolarSSL to do the SSL/TLS stuff August: Public curl releases: 117 Command line options: 138 curl_easy_setopt() options: 180 Public functions in libcurl: 58 Known libcurl bindings: 39 Contributors: 808 Gopher support added (re-added actually, see January 2006) 2012 ---- July: Added support for Schannel (native Windows TLS backend) and Darwin SSL (Native Mac OS X and iOS TLS backend). Supports metalink October: SSH-agent support. 2013 ---- February: Cleaned up internals to always uses the "multi" non-blocking approach internally and only expose the blocking API with a wrapper. September: First small steps on supporting HTTP/2 with nghttp2. October: Removed krb4 support. December: Happy eyeballs. 2014 ---- March: first real release supporting HTTP/2 September: Web site had 245,000 unique visitors and served 236GB data |
Added scriptlibs/softwareupdate/curl/docs/HTTP-COOKIES.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 | # HTTP Cookies ## Cookie overview Cookies are `name=contents` pairs that a HTTP server tells the client to hold and then the client sends back those to the server on subsequent requests to the same domains and paths for which the cookies were set. Cookies are either "session cookies" which typically are forgotten when the session is over which is often translated to equal when browser quits, or the cookies aren't session cookies they have expiration dates after which the client will throw them away. Cookies are set to the client with the Set-Cookie: header and are sent to servers with the Cookie: header. For a very long time, the only spec explaining how to use cookies was the original [Netscape spec from 1994](https://curl.haxx.se/rfc/cookie_spec.html). In 2011, [RFC6265](https://www.ietf.org/rfc/rfc6265.txt) was finally published and details how cookies work within HTTP. ## Cookies saved to disk Netscape once created a file format for storing cookies on disk so that they would survive browser restarts. curl adopted that file format to allow sharing the cookies with browsers, only to see browsers move away from that format. Modern browsers no longer use it, while curl still does. The netscape cookie file format stores one cookie per physical line in the file with a bunch of associated meta data, each field separated with TAB. That file is called the cookiejar in curl terminology. When libcurl saves a cookiejar, it creates a file header of its own in which there is a URL mention that will link to the web version of this document. ## Cookies with curl the command line tool curl has a full cookie "engine" built in. If you just activate it, you can have curl receive and send cookies exactly as mandated in the specs. Command line options: `-b, --cookie` tell curl a file to read cookies from and start the cookie engine, or if it isn't a file it will pass on the given string. -b name=var works and so does -b cookiefile. `-j, --junk-session-cookies` when used in combination with -b, it will skip all "session cookies" on load so as to appear to start a new cookie session. `-c, --cookie-jar` tell curl to start the cookie engine and write cookies to the given file after the request(s) ## Cookies with libcurl libcurl offers several ways to enable and interface the cookie engine. These options are the ones provided by the native API. libcurl bindings may offer access to them using other means. `CURLOPT_COOKIE` Is used when you want to specify the exact contents of a cookie header to send to the server. `CURLOPT_COOKIEFILE` Tell libcurl to activate the cookie engine, and to read the initial set of cookies from the given file. Read-only. `CURLOPT_COOKIEJAR` Tell libcurl to activate the cookie engine, and when the easy handle is closed save all known cookies to the given cookiejar file. Write-only. `CURLOPT_COOKIELIST` Provide detailed information about a single cookie to add to the internal storage of cookies. Pass in the cookie as a HTTP header with all the details set, or pass in a line from a netscape cookie file. This option can also be used to flush the cookies etc. `CURLINFO_COOKIELIST` Extract cookie information from the internal cookie storage as a linked list. ## Cookies with javascript These days a lot of the web is built up by javascript. The webbrowser loads complete programs that render the page you see. These javascript programs can also set and access cookies. Since curl and libcurl are plain HTTP clients without any knowledge of or capability to handle javascript, such cookies will not be detected or used. Often, if you want to mimic what a browser does on such web sites, you can record web browser HTTP traffic when using such a site and then repeat the cookie operations using curl or libcurl. |
Added scriptlibs/softwareupdate/curl/docs/HTTP2.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 | HTTP/2 with curl ================ [HTTP/2 Spec](https://www.rfc-editor.org/rfc/rfc7540.txt) [http2 explained](https://daniel.haxx.se/http2/) Build prerequisites ------------------- - nghttp2 - OpenSSL, libressl, BoringSSL, NSS, GnutTLS, mbedTLS, wolfSSL or SChannel with a new enough version. [nghttp2](https://nghttp2.org/) ------------------------------- libcurl uses this 3rd party library for the low level protocol handling parts. The reason for this is that HTTP/2 is much more complex at that layer than HTTP/1.1 (which we implement on our own) and that nghttp2 is an already existing and well functional library. We require at least version 1.0.0. Over an http:// URL ------------------- If `CURLOPT_HTTP_VERSION` is set to `CURL_HTTP_VERSION_2_0`, libcurl will include an upgrade header in the initial request to the host to allow upgrading to HTTP/2. Possibly we can later introduce an option that will cause libcurl to fail if not possible to upgrade. Possibly we introduce an option that makes libcurl use HTTP/2 at once over http:// Over an https:// URL -------------------- If `CURLOPT_HTTP_VERSION` is set to `CURL_HTTP_VERSION_2_0`, libcurl will use ALPN (or NPN) to negotiate which protocol to continue with. Possibly introduce an option that will cause libcurl to fail if not possible to use HTTP/2. `CURL_HTTP_VERSION_2TLS` was added in 7.47.0 as a way to ask libcurl to prefer HTTP/2 for HTTPS but stick to 1.1 by default for plain old HTTP connections. ALPN is the TLS extension that HTTP/2 is expected to use. The NPN extension is for a similar purpose, was made prior to ALPN and is used for SPDY so early HTTP/2 servers are implemented using NPN before ALPN support is widespread. `CURLOPT_SSL_ENABLE_ALPN` and `CURLOPT_SSL_ENABLE_NPN` are offered to allow applications to explicitly disable ALPN or NPN. SSL libs -------- The challenge is the ALPN and NPN support and all our different SSL backends. You may need a fairly updated SSL library version for it to provide the necessary TLS features. Right now we support: - OpenSSL: ALPN and NPN - libressl: ALPN and NPN - BoringSSL: ALPN and NPN - NSS: ALPN and NPN - GnuTLS: ALPN - mbedTLS: ALPN - SChannel: ALPN - wolfSSL: ALPN Multiplexing ------------ Starting in 7.43.0, libcurl fully supports HTTP/2 multiplexing, which is the term for doing multiple independent transfers over the same physical TCP connection. To take advantage of multiplexing, you need to use the multi interface and set `CURLMOPT_PIPELINING` to `CURLPIPE_MULTIPLEX`. With that bit set, libcurl will attempt to re-use existing HTTP/2 connections and just add a new stream over that when doing subsequent parallel requests. While libcurl sets up a connection to a HTTP server there is a period during which it doesn't know if it can pipeline or do multiplexing and if you add new transfers in that period, libcurl will default to start new connections for those transfers. With the new option `CURLOPT_PIPEWAIT` (added in 7.43.0), you can ask that a transfer should rather wait and see in case there's a connection for the same host in progress that might end up being possible to multiplex on. It favours keeping the number of connections low to the cost of slightly longer time to first byte transferred. Applications ------------ We hide HTTP/2's binary nature and convert received HTTP/2 traffic to headers in HTTP 1.1 style. This allows applications to work unmodified. curl tool --------- curl offers the `--http2` command line option to enable use of HTTP/2. curl offers the `--http2-prior-knowledge` command line option to enable use of HTTP/2 without HTTP/1.1 Upgrade. Since 7.47.0, the curl tool enables HTTP/2 by default for HTTPS connections. curl tool limitations --------------------- The command line tool won't do any HTTP/2 multiplexing even though libcurl supports it, simply because the curl tool is not written to take advantage of the libcurl API that's necessary for this (the multi interface). We have an outstanding TODO item for this and **you** can help us make it happen. The command line tool also doesn't support HTTP/2 server push for the same reason it doesn't do multiplexing: it needs to use the multi interface for that so that multiplexing is supported. HTTP Alternative Services ------------------------- Alt-Svc is an extension with a corresponding frame (ALTSVC) in HTTP/2 that tells the client about an alternative "route" to the same content for the same origin server that you get the response from. A browser or long-living client can use that hint to create a new connection asynchronously. For libcurl, we may introduce a way to bring such clues to the application and/or let a subsequent request use the alternate route automatically. [Detailed in RFC 7838](https://tools.ietf.org/html/rfc7838) |
Added scriptlibs/softwareupdate/curl/docs/INSTALL.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 | # how to install curl and libcurl ## Installing Binary Packages Lots of people download binary distributions of curl and libcurl. This document does not describe how to install curl or libcurl using such a binary package. This document describes how to compile, build and install curl and libcurl from source code. ## Building from git If you get your code off a git repository instead of a release tarball, see the `GIT-INFO` file in the root directory for specific instructions on how to proceed. # Unix A normal Unix installation is made in three or four steps (after you've unpacked the source archive): ./configure make make test (optional) make install You probably need to be root when doing the last command. Get a full listing of all available configure options by invoking it like: ./configure --help If you want to install curl in a different file hierarchy than `/usr/local`, specify that when running configure: ./configure --prefix=/path/to/curl/tree If you have write permission in that directory, you can do 'make install' without being root. An example of this would be to make a local install in your own home directory: ./configure --prefix=$HOME make make install The configure script always tries to find a working SSL library unless explicitly told not to. If you have OpenSSL installed in the default search path for your compiler/linker, you don't need to do anything special. If you have OpenSSL installed in /usr/local/ssl, you can run configure like: ./configure --with-ssl If you have OpenSSL installed somewhere else (for example, /opt/OpenSSL) and you have pkg-config installed, set the pkg-config path first, like this: env PKG_CONFIG_PATH=/opt/OpenSSL/lib/pkgconfig ./configure --with-ssl Without pkg-config installed, use this: ./configure --with-ssl=/opt/OpenSSL If you insist on forcing a build without SSL support, even though you may have OpenSSL installed in your system, you can run configure like this: ./configure --without-ssl If you have OpenSSL installed, but with the libraries in one place and the header files somewhere else, you have to set the LDFLAGS and CPPFLAGS environment variables prior to running configure. Something like this should work: CPPFLAGS="-I/path/to/ssl/include" LDFLAGS="-L/path/to/ssl/lib" ./configure If you have shared SSL libs installed in a directory where your run-time linker doesn't find them (which usually causes configure failures), you can provide the -R option to ld on some operating systems to set a hard-coded path to the run-time linker: LDFLAGS=-R/usr/local/ssl/lib ./configure --with-ssl ## More Options To force a static library compile, disable the shared library creation by running configure like: ./configure --disable-shared To tell the configure script to skip searching for thread-safe functions, add an option like: ./configure --disable-thread If you're a curl developer and use gcc, you might want to enable more debug options with the `--enable-debug` option. curl can be built to use a whole range of libraries to provide various useful services, and configure will try to auto-detect a decent default. But if you want to alter it, you can select how to deal with each individual library. ## Select TLS backend The default OpenSSL configure check will also detect and use BoringSSL or libressl. - GnuTLS: `--without-ssl --with-gnutls`. - Cyassl: `--without-ssl --with-cyassl` - NSS: `--without-ssl --with-nss` - PolarSSL: `--without-ssl --with-polarssl` - mbedTLS: `--without-ssl --with-mbedtls` - axTLS: `--without-ssl --with-axtls` - schannel: `--without-ssl --with-winssl` - secure transport: `--with-winssl --with-darwinssl` # Windows ## Building Windows DLLs and C run-time (CRT) linkage issues As a general rule, building a DLL with static CRT linkage is highly discouraged, and intermixing CRTs in the same app is something to avoid at any cost. Reading and comprehending Microsoft Knowledge Base articles KB94248 and KB140584 is a must for any Windows developer. Especially important is full understanding if you are not going to follow the advice given above. - [How To Use the C Run-Time](https://support.microsoft.com/kb/94248/en-us) - [How to link with the correct C Run-Time CRT library](https://support.microsoft.com/kb/140584/en-us) - [Potential Errors Passing CRT Objects Across DLL Boundaries](https://msdn.microsoft.com/en-us/library/ms235460) If your app is misbehaving in some strange way, or it is suffering from memory corruption, before asking for further help, please try first to rebuild every single library your app uses as well as your app using the debug multithreaded dynamic C runtime. If you get linkage errors read section 5.7 of the FAQ document. ## MingW32 Make sure that MinGW32's bin dir is in the search path, for example: set PATH=c:\mingw32\bin;%PATH% then run `mingw32-make mingw32` in the root dir. There are other make targets available to build libcurl with more features, use: - `mingw32-make mingw32-zlib` to build with Zlib support; - `mingw32-make mingw32-ssl-zlib` to build with SSL and Zlib enabled; - `mingw32-make mingw32-ssh2-ssl-zlib` to build with SSH2, SSL, Zlib; - `mingw32-make mingw32-ssh2-ssl-sspi-zlib` to build with SSH2, SSL, Zlib and SSPI support. If you have any problems linking libraries or finding header files, be sure to verify that the provided "Makefile.m32" files use the proper paths, and adjust as necessary. It is also possible to override these paths with environment variables, for example: set ZLIB_PATH=c:\zlib-1.2.8 set OPENSSL_PATH=c:\openssl-1.0.2c set LIBSSH2_PATH=c:\libssh2-1.6.0 It is also possible to build with other LDAP SDKs than MS LDAP; currently it is possible to build with native Win32 OpenLDAP, or with the Novell CLDAP SDK. If you want to use these you need to set these vars: set LDAP_SDK=c:\openldap set USE_LDAP_OPENLDAP=1 or for using the Novell SDK: set USE_LDAP_NOVELL=1 If you want to enable LDAPS support then set LDAPS=1. ## Cygwin Almost identical to the unix installation. Run the configure script in the curl source tree root with `sh configure`. Make sure you have the sh executable in /bin/ or you'll see the configure fail toward the end. Run `make` ## Borland C++ compiler Ensure that your build environment is properly set up to use the compiler and associated tools. PATH environment variable must include the path to bin subdirectory of your compiler installation, eg: `c:\Borland\BCC55\bin` It is advisable to set environment variable BCCDIR to the base path of the compiler installation. set BCCDIR=c:\Borland\BCC55 In order to build a plain vanilla version of curl and libcurl run the following command from curl's root directory: make borland To build curl and libcurl with zlib and OpenSSL support set environment variables `ZLIB_PATH` and `OPENSSL_PATH` to the base subdirectories of the already built zlib and OpenSSL libraries and from curl's root directory run command: make borland-ssl-zlib libcurl library will be built in 'lib' subdirectory while curl tool is built in 'src' subdirectory. In order to use libcurl library it is advisable to modify compiler's configuration file bcc32.cfg located in `c:\Borland\BCC55\bin` to reflect the location of libraries include paths for example the '-I' line could result in something like: -I"c:\Borland\BCC55\include;c:\curl\include;c:\openssl\inc32" bcc3.cfg `-L` line could also be modified to reflect the location of of libcurl library resulting for example: -L"c:\Borland\BCC55\lib;c:\curl\lib;c:\openssl\out32" In order to build sample program `simple.c` from the docs\examples subdirectory run following command from mentioned subdirectory: bcc32 simple.c libcurl.lib cw32mt.lib In order to build sample program simplessl.c an SSL enabled libcurl is required, as well as the OpenSSL libeay32.lib and ssleay32.lib libraries. ## Disabling Specific Protocols in Windows builds The configure utility, unfortunately, is not available for the Windows environment, therefore, you cannot use the various disable-protocol options of the configure utility on this platform. However, you can use the following defines to disable specific protocols: - `HTTP_ONLY` disables all protocols except HTTP - `CURL_DISABLE_FTP` disables FTP - `CURL_DISABLE_LDAP` disables LDAP - `CURL_DISABLE_TELNET` disables TELNET - `CURL_DISABLE_DICT` disables DICT - `CURL_DISABLE_FILE` disables FILE - `CURL_DISABLE_TFTP` disables TFTP - `CURL_DISABLE_HTTP` disables HTTP - `CURL_DISABLE_IMAP` disables IMAP - `CURL_DISABLE_POP3` disables POP3 - `CURL_DISABLE_SMTP` disables SMTP If you want to set any of these defines you have the following options: - Modify lib/config-win32.h - Modify lib/curl_setup.h - Modify winbuild/Makefile.vc - Modify the "Preprocessor Definitions" in the libcurl project Note: The pre-processor settings can be found using the Visual Studio IDE under "Project -> Settings -> C/C++ -> General" in VC6 and "Project -> Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later versions. ## Using BSD-style lwIP instead of Winsock TCP/IP stack in Win32 builds In order to compile libcurl and curl using BSD-style lwIP TCP/IP stack it is necessary to make definition of preprocessor symbol USE_LWIPSOCK visible to libcurl and curl compilation processes. To set this definition you have the following alternatives: - Modify lib/config-win32.h and src/config-win32.h - Modify winbuild/Makefile.vc - Modify the "Preprocessor Definitions" in the libcurl project Note: The pre-processor settings can be found using the Visual Studio IDE under "Project -> Settings -> C/C++ -> General" in VC6 and "Project -> Properties -> Configuration Properties -> C/C++ -> Preprocessor" in later versions. Once that libcurl has been built with BSD-style lwIP TCP/IP stack support, in order to use it with your program it is mandatory that your program includes lwIP header file `<lwip/opt.h>` (or another lwIP header that includes this) before including any libcurl header. Your program does not need the `USE_LWIPSOCK` preprocessor definition which is for libcurl internals only. Compilation has been verified with [lwIP 1.4.0](http://download.savannah.gnu.org/releases/lwip/lwip-1.4.0.zip) and [contrib-1.4.0](http://download.savannah.gnu.org/releases/lwip/contrib-1.4.0.zip). This BSD-style lwIP TCP/IP stack support must be considered experimental given that it has been verified that lwIP 1.4.0 still needs some polish, and libcurl might yet need some additional adjustment, caveat emptor. ## Important static libcurl usage note When building an application that uses the static libcurl library on Windows, you must add `-DCURL_STATICLIB` to your `CFLAGS`. Otherwise the linker will look for dynamic import symbols. ## Legacy Windows and SSL WinSSL (specifically SChannel from Windows SSPI), is the native SSL library in Windows. However, WinSSL in Windows <= XP is unable to connect to servers that no longer support the legacy handshakes and algorithms used by those versions. If you will be using curl in one of those earlier versions of Windows you should choose another SSL backend such as OpenSSL. # Apple iOS and Mac OS X On modern Apple operating systems, curl can be built to use Apple's SSL/TLS implementation, Secure Transport, instead of OpenSSL. To build with Secure Transport for SSL/TLS, use the configure option `--with-darwinssl`. (It is not necessary to use the option `--without-ssl`.) This feature requires iOS 5.0 or later, or OS X 10.5 ("Leopard") or later. When Secure Transport is in use, the curl options `--cacert` and `--capath` and their libcurl equivalents, will be ignored, because Secure Transport uses the certificates stored in the Keychain to evaluate whether or not to trust the server. This, of course, includes the root certificates that ship with the OS. The `--cert` and `--engine` options, and their libcurl equivalents, are currently unimplemented in curl with Secure Transport. For OS X users: In OS X 10.8 ("Mountain Lion"), Apple made a major overhaul to the Secure Transport API that, among other things, added support for the newer TLS 1.1 and 1.2 protocols. To get curl to support TLS 1.1 and 1.2, you must build curl on Mountain Lion or later, or by using the equivalent SDK. If you set the `MACOSX_DEPLOYMENT_TARGET` environmental variable to an earlier version of OS X prior to building curl, then curl will use the new Secure Transport API on Mountain Lion and later, and fall back on the older API when the same curl binary is executed on older cats. For example, running these commands in curl's directory in the shell will build the code such that it will run on cats as old as OS X 10.6 ("Snow Leopard") (using bash): export MACOSX_DEPLOYMENT_TARGET="10.6" ./configure --with-darwinssl make # Cross compile Download and unpack the curl package. 'cd' to the new directory. (e.g. `cd curl-7.12.3`) Set environment variables to point to the cross-compile toolchain and call configure with any options you need. Be sure and specify the `--host` and `--build` parameters at configuration time. The following script is an example of cross-compiling for the IBM 405GP PowerPC processor using the toolchain from MonteVista for Hardhat Linux. #! /bin/sh export PATH=$PATH:/opt/hardhat/devkit/ppc/405/bin export CPPFLAGS="-I/opt/hardhat/devkit/ppc/405/target/usr/include" export AR=ppc_405-ar export AS=ppc_405-as export LD=ppc_405-ld export RANLIB=ppc_405-ranlib export CC=ppc_405-gcc export NM=ppc_405-nm ./configure --target=powerpc-hardhat-linux --host=powerpc-hardhat-linux --build=i586-pc-linux-gnu --prefix=/opt/hardhat/devkit/ppc/405/target/usr/local --exec-prefix=/usr/local You may also need to provide a parameter like `--with-random=/dev/urandom` to configure as it cannot detect the presence of a random number generating device for a target system. The `--prefix` parameter specifies where curl will be installed. If `configure` completes successfully, do `make` and `make install` as usual. In some cases, you may be able to simplify the above commands to as little as: ./configure --host=ARCH-OS # REDUCING SIZE There are a number of configure options that can be used to reduce the size of libcurl for embedded applications where binary size is an important factor. First, be sure to set the CFLAGS variable when configuring with any relevant compiler optimization flags to reduce the size of the binary. For gcc, this would mean at minimum the -Os option, and potentially the `-march=X`, `-mdynamic-no-pic` and `-flto` options as well, e.g. ./configure CFLAGS='-Os' LDFLAGS='-Wl,-Bsymbolic'... Note that newer compilers often produce smaller code than older versions due to improved optimization. Be sure to specify as many `--disable-` and `--without-` flags on the configure command-line as you can to disable all the libcurl features that you know your application is not going to need. Besides specifying the `--disable-PROTOCOL` flags for all the types of URLs your application will not use, here are some other flags that can reduce the size of the library: - `--disable-ares` (disables support for the C-ARES DNS library) - `--disable-cookies` (disables support for HTTP cookies) - `--disable-crypto-auth` (disables HTTP cryptographic authentication) - `--disable-ipv6` (disables support for IPv6) - `--disable-manual` (disables support for the built-in documentation) - `--disable-proxy` (disables support for HTTP and SOCKS proxies) - `--disable-unix-sockets` (disables support for UNIX sockets) - `--disable-verbose` (eliminates debugging strings and error code strings) - `--disable-versioned-symbols` (disables support for versioned symbols) - `--enable-hidden-symbols` (eliminates unneeded symbols in the shared library) - `--without-libidn` (disables support for the libidn DNS library) - `--without-librtmp` (disables support for RTMP) - `--without-ssl` (disables support for SSL/TLS) - `--without-zlib` (disables support for on-the-fly decompression) The GNU compiler and linker have a number of options that can reduce the size of the libcurl dynamic libraries on some platforms even further. Specify them by providing appropriate CFLAGS and LDFLAGS variables on the configure command-line, e.g. CFLAGS="-Os -ffunction-sections -fdata-sections -fno-unwind-tables -fno-asynchronous-unwind-tables -flto" LDFLAGS="-Wl,-s -Wl,-Bsymbolic -Wl,--gc-sections" Be sure also to strip debugging symbols from your binaries after compiling using 'strip' (or the appropriate variant if cross-compiling). If space is really tight, you may be able to remove some unneeded sections of the shared library using the -R option to objcopy (e.g. the .comment section). Using these techniques it is possible to create a basic HTTP-only shared libcurl library for i386 Linux platforms that is only 113 KiB in size, and an FTP-only library that is 113 KiB in size (as of libcurl version 7.50.3, using gcc 5.4.0). You may find that statically linking libcurl to your application will result in a lower total size than dynamically linking. Note that the curl test harness can detect the use of some, but not all, of the `--disable` statements suggested above. Use will cause tests relying on those features to fail. The test harness can be manually forced to skip the relevant tests by specifying certain key words on the runtests.pl command line. Following is a list of appropriate key words: - `--disable-cookies` !cookies - `--disable-manual` !--manual - `--disable-proxy` !HTTP\ proxy !proxytunnel !SOCKS4 !SOCKS5 # PORTS This is a probably incomplete list of known hardware and operating systems that curl has been compiled for. If you know a system curl compiles and runs on, that isn't listed, please let us know! - Alpha DEC OSF 4 - Alpha Digital UNIX v3.2 - Alpha FreeBSD 4.1, 4.5 - Alpha Linux 2.2, 2.4 - Alpha NetBSD 1.5.2 - Alpha OpenBSD 3.0 - Alpha OpenVMS V7.1-1H2 - Alpha Tru64 v5.0 5.1 - AVR32 Linux - ARM Android 1.5, 2.1, 2.3, 3.2, 4.x - ARM INTEGRITY - ARM iOS - Cell Linux - Cell Cell OS - HP-PA HP-UX 9.X 10.X 11.X - HP-PA Linux - HP3000 MPE/iX - MicroBlaze uClinux - MIPS IRIX 6.2, 6.5 - MIPS Linux - OS/400 - Pocket PC/Win CE 3.0 - Power AIX 3.2.5, 4.2, 4.3.1, 4.3.2, 5.1, 5.2 - PowerPC Darwin 1.0 - PowerPC INTEGRITY - PowerPC Linux - PowerPC Mac OS 9 - PowerPC Mac OS X - SH4 Linux 2.6.X - SH4 OS21 - SINIX-Z v5 - Sparc Linux - Sparc Solaris 2.4, 2.5, 2.5.1, 2.6, 7, 8, 9, 10 - Sparc SunOS 4.1.X - StrongARM (and other ARM) RISC OS 3.1, 4.02 - StrongARM/ARM7/ARM9 Linux 2.4, 2.6 - StrongARM NetBSD 1.4.1 - Symbian OS (P.I.P.S.) 9.x - TPF - Ultrix 4.3a - UNICOS 9.0 - i386 BeOS - i386 DOS - i386 eCos 1.3.1 - i386 Esix 4.1 - i386 FreeBSD - i386 HURD - i386 Haiku OS - i386 Linux 1.3, 2.0, 2.2, 2.3, 2.4, 2.6 - i386 Mac OS X - i386 MINIX 3.1 - i386 NetBSD - i386 Novell NetWare - i386 OS/2 - i386 OpenBSD - i386 QNX 6 - i386 SCO unix - i386 Solaris 2.7 - i386 Windows 95, 98, ME, NT, 2000, XP, 2003 - i486 ncr-sysv4.3.03 (NCR MP-RAS) - ia64 Linux 2.3.99 - m68k AmigaOS 3 - m68k Linux - m68k uClinux - m68k OpenBSD - m88k dg-dgux5.4R3.00 - s390 Linux - x86_64 Linux - XScale/PXA250 Linux 2.4 - Nios II uClinux |
Added scriptlibs/softwareupdate/curl/docs/INSTALL.txt.
> > > > > > > > > | 1 2 3 4 5 6 7 8 9 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| How To Compile see INSTALL.md |
Added scriptlibs/softwareupdate/curl/docs/INTERNALS.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 | curl internals ============== - [Intro](#intro) - [git](#git) - [Portability](#Portability) - [Windows vs Unix](#winvsunix) - [Library](#Library) - [`Curl_connect`](#Curl_connect) - [`Curl_do`](#Curl_do) - [`Curl_readwrite`](#Curl_readwrite) - [`Curl_done`](#Curl_done) - [`Curl_disconnect`](#Curl_disconnect) - [HTTP(S)](#http) - [FTP](#ftp) - [Kerberos](#kerberos) - [TELNET](#telnet) - [FILE](#file) - [SMB](#smb) - [LDAP](#ldap) - [E-mail](#email) - [General](#general) - [Persistent Connections](#persistent) - [multi interface/non-blocking](#multi) - [SSL libraries](#ssl) - [Library Symbols](#symbols) - [Return Codes and Informationals](#returncodes) - [AP/ABI](#abi) - [Client](#client) - [Memory Debugging](#memorydebug) - [Test Suite](#test) - [Asynchronous name resolves](#asyncdns) - [c-ares](#cares) - [`curl_off_t`](#curl_off_t) - [curlx](#curlx) - [Content Encoding](#contentencoding) - [hostip.c explained](#hostip) - [Track Down Memory Leaks](#memoryleak) - [`multi_socket`](#multi_socket) - [Structs in libcurl](#structs) <a name="intro"></a> Intro ===== This project is split in two. The library and the client. The client part uses the library, but the library is designed to allow other applications to use it. The largest amount of code and complexity is in the library part. <a name="git"></a> git === All changes to the sources are committed to the git repository as soon as they're somewhat verified to work. Changes shall be committed as independently as possible so that individual changes can be easily spotted and tracked afterwards. Tagging shall be used extensively, and by the time we release new archives we should tag the sources with a name similar to the released version number. <a name="Portability"></a> Portability =========== We write curl and libcurl to compile with C89 compilers. On 32bit and up machines. Most of libcurl assumes more or less POSIX compliance but that's not a requirement. We write libcurl to build and work with lots of third party tools, and we want it to remain functional and buildable with these and later versions (older versions may still work but is not what we work hard to maintain): Dependencies ------------ - OpenSSL 0.9.7 - GnuTLS 1.2 - zlib 1.1.4 - libssh2 0.16 - c-ares 1.6.0 - libidn 0.4.1 - cyassl 2.0.0 - openldap 2.0 - MIT Kerberos 1.2.4 - GSKit V5R3M0 - NSS 3.14.x - axTLS 2.1.0 - PolarSSL 1.3.0 - Heimdal ? - nghttp2 1.0.0 Operating Systems ----------------- On systems where configure runs, we aim at working on them all - if they have a suitable C compiler. On systems that don't run configure, we strive to keep curl running correctly on: - Windows 98 - AS/400 V5R3M0 - Symbian 9.1 - Windows CE ? - TPF ? Build tools ----------- When writing code (mostly for generating stuff included in release tarballs) we use a few "build tools" and we make sure that we remain functional with these versions: - GNU Libtool 1.4.2 - GNU Autoconf 2.57 - GNU Automake 1.7 - GNU M4 1.4 - perl 5.004 - roffit 0.5 - groff ? (any version that supports "groff -Tps -man [in] [out]") - ps2pdf (gs) ? <a name="winvsunix"></a> Windows vs Unix =============== There are a few differences in how to program curl the Unix way compared to the Windows way. Perhaps the four most notable details are: 1. Different function names for socket operations. In curl, this is solved with defines and macros, so that the source looks the same in all places except for the header file that defines them. The macros in use are sclose(), sread() and swrite(). 2. Windows requires a couple of init calls for the socket stuff. That's taken care of by the `curl_global_init()` call, but if other libs also do it etc there might be reasons for applications to alter that behaviour. 3. The file descriptors for network communication and file operations are not as easily interchangeable as in Unix. We avoid this by not trying any funny tricks on file descriptors. 4. When writing data to stdout, Windows makes end-of-lines the DOS way, thus destroying binary data, although you do want that conversion if it is text coming through... (sigh) We set stdout to binary under windows Inside the source code, We make an effort to avoid `#ifdef [Your OS]`. All conditionals that deal with features *should* instead be in the format `#ifdef HAVE_THAT_WEIRD_FUNCTION`. Since Windows can't run configure scripts, we maintain a `curl_config-win32.h` file in lib directory that is supposed to look exactly like a `curl_config.h` file would have looked like on a Windows machine! Generally speaking: always remember that this will be compiled on dozens of operating systems. Don't walk on the edge! <a name="Library"></a> Library ======= (See [Structs in libcurl](#structs) for the separate section describing all major internal structs and their purposes.) There are plenty of entry points to the library, namely each publicly defined function that libcurl offers to applications. All of those functions are rather small and easy-to-follow. All the ones prefixed with `curl_easy` are put in the lib/easy.c file. `curl_global_init()` and `curl_global_cleanup()` should be called by the application to initialize and clean up global stuff in the library. As of today, it can handle the global SSL initing if SSL is enabled and it can init the socket layer on windows machines. libcurl itself has no "global" scope. All printf()-style functions use the supplied clones in lib/mprintf.c. This makes sure we stay absolutely platform independent. [ `curl_easy_init()`][2] allocates an internal struct and makes some initializations. The returned handle does not reveal internals. This is the `Curl_easy` struct which works as an "anchor" struct for all `curl_easy` functions. All connections performed will get connect-specific data allocated that should be used for things related to particular connections/requests. [`curl_easy_setopt()`][1] takes three arguments, where the option stuff must be passed in pairs: the parameter-ID and the parameter-value. The list of options is documented in the man page. This function mainly sets things in the `Curl_easy` struct. `curl_easy_perform()` is just a wrapper function that makes use of the multi API. It basically calls `curl_multi_init()`, `curl_multi_add_handle()`, `curl_multi_wait()`, and `curl_multi_perform()` until the transfer is done and then returns. Some of the most important key functions in url.c are called from multi.c when certain key steps are to be made in the transfer operation. <a name="Curl_connect"></a> Curl_connect() -------------- Analyzes the URL, it separates the different components and connects to the remote host. This may involve using a proxy and/or using SSL. The `Curl_resolv()` function in lib/hostip.c is used for looking up host names (it does then use the proper underlying method, which may vary between platforms and builds). When `Curl_connect` is done, we are connected to the remote site. Then it is time to tell the server to get a document/file. `Curl_do()` arranges this. This function makes sure there's an allocated and initiated 'connectdata' struct that is used for this particular connection only (although there may be several requests performed on the same connect). A bunch of things are inited/inherited from the `Curl_easy` struct. <a name="Curl_do"></a> Curl_do() --------- `Curl_do()` makes sure the proper protocol-specific function is called. The functions are named after the protocols they handle. The protocol-specific functions of course deal with protocol-specific negotiations and setup. They have access to the `Curl_sendf()` (from lib/sendf.c) function to send printf-style formatted data to the remote host and when they're ready to make the actual file transfer they call the `Curl_Transfer()` function (in lib/transfer.c) to setup the transfer and returns. If this DO function fails and the connection is being re-used, libcurl will then close this connection, setup a new connection and re-issue the DO request on that. This is because there is no way to be perfectly sure that we have discovered a dead connection before the DO function and thus we might wrongly be re-using a connection that was closed by the remote peer. Some time during the DO function, the `Curl_setup_transfer()` function must be called with some basic info about the upcoming transfer: what socket(s) to read/write and the expected file transfer sizes (if known). <a name="Curl_readwrite"></a> Curl_readwrite() ---------------- Called during the transfer of the actual protocol payload. During transfer, the progress functions in lib/progress.c are called at frequent intervals (or at the user's choice, a specified callback might get called). The speedcheck functions in lib/speedcheck.c are also used to verify that the transfer is as fast as required. <a name="Curl_done"></a> Curl_done() ----------- Called after a transfer is done. This function takes care of everything that has to be done after a transfer. This function attempts to leave matters in a state so that `Curl_do()` should be possible to call again on the same connection (in a persistent connection case). It might also soon be closed with `Curl_disconnect()`. <a name="Curl_disconnect"></a> Curl_disconnect() ----------------- When doing normal connections and transfers, no one ever tries to close any connections so this is not normally called when `curl_easy_perform()` is used. This function is only used when we are certain that no more transfers are going to be made on the connection. It can be also closed by force, or it can be called to make sure that libcurl doesn't keep too many connections alive at the same time. This function cleans up all resources that are associated with a single connection. <a name="http"></a> HTTP(S) ======= HTTP offers a lot and is the protocol in curl that uses the most lines of code. There is a special file (lib/formdata.c) that offers all the multipart post functions. base64-functions for user+password stuff (and more) is in (lib/base64.c) and all functions for parsing and sending cookies are found in (lib/cookie.c). HTTPS uses in almost every case the same procedure as HTTP, with only two exceptions: the connect procedure is different and the function used to read or write from the socket is different, although the latter fact is hidden in the source by the use of `Curl_read()` for reading and `Curl_write()` for writing data to the remote server. `http_chunks.c` contains functions that understands HTTP 1.1 chunked transfer encoding. An interesting detail with the HTTP(S) request, is the `Curl_add_buffer()` series of functions we use. They append data to one single buffer, and when the building is finished the entire request is sent off in one single write. This is done this way to overcome problems with flawed firewalls and lame servers. <a name="ftp"></a> FTP === The `Curl_if2ip()` function can be used for getting the IP number of a specified network interface, and it resides in lib/if2ip.c. `Curl_ftpsendf()` is used for sending FTP commands to the remote server. It was made a separate function to prevent us programmers from forgetting that they must be CRLF terminated. They must also be sent in one single write() to make firewalls and similar happy. <a name="kerberos"></a> Kerberos -------- Kerberos support is mainly in lib/krb5.c and lib/security.c but also `curl_sasl_sspi.c` and `curl_sasl_gssapi.c` for the email protocols and `socks_gssapi.c` and `socks_sspi.c` for SOCKS5 proxy specifics. <a name="telnet"></a> TELNET ====== Telnet is implemented in lib/telnet.c. <a name="file"></a> FILE ==== The file:// protocol is dealt with in lib/file.c. <a name="smb"></a> SMB === The smb:// protocol is dealt with in lib/smb.c. <a name="ldap"></a> LDAP ==== Everything LDAP is in lib/ldap.c and lib/openldap.c <a name="email"></a> E-mail ====== The e-mail related source code is in lib/imap.c, lib/pop3.c and lib/smtp.c. <a name="general"></a> General ======= URL encoding and decoding, called escaping and unescaping in the source code, is found in lib/escape.c. While transferring data in Transfer() a few functions might get used. `curl_getdate()` in lib/parsedate.c is for HTTP date comparisons (and more). lib/getenv.c offers `curl_getenv()` which is for reading environment variables in a neat platform independent way. That's used in the client, but also in lib/url.c when checking the proxy environment variables. Note that contrary to the normal unix getenv(), this returns an allocated buffer that must be free()ed after use. lib/netrc.c holds the .netrc parser lib/timeval.c features replacement functions for systems that don't have gettimeofday() and a few support functions for timeval conversions. A function named `curl_version()` that returns the full curl version string is found in lib/version.c. <a name="persistent"></a> Persistent Connections ====================== The persistent connection support in libcurl requires some considerations on how to do things inside of the library. - The `Curl_easy` struct returned in the [`curl_easy_init()`][2] call must never hold connection-oriented data. It is meant to hold the root data as well as all the options etc that the library-user may choose. - The `Curl_easy` struct holds the "connection cache" (an array of pointers to 'connectdata' structs). - This enables the 'curl handle' to be reused on subsequent transfers. - When libcurl is told to perform a transfer, it first checks for an already existing connection in the cache that we can use. Otherwise it creates a new one and adds that to the cache. If the cache is full already when a new connection is added, it will first close the oldest unused one. - When the transfer operation is complete, the connection is left open. Particular options may tell libcurl not to, and protocols may signal closure on connections and then they won't be kept open, of course. - When `curl_easy_cleanup()` is called, we close all still opened connections, unless of course the multi interface "owns" the connections. The curl handle must be re-used in order for the persistent connections to work. <a name="multi"></a> multi interface/non-blocking ============================ The multi interface is a non-blocking interface to the library. To make that interface work as well as possible, no low-level functions within libcurl must be written to work in a blocking manner. (There are still a few spots violating this rule.) One of the primary reasons we introduced c-ares support was to allow the name resolve phase to be perfectly non-blocking as well. The FTP and the SFTP/SCP protocols are examples of how we adapt and adjust the code to allow non-blocking operations even on multi-stage command- response protocols. They are built around state machines that return when they would otherwise block waiting for data. The DICT, LDAP and TELNET protocols are crappy examples and they are subject for rewrite in the future to better fit the libcurl protocol family. <a name="ssl"></a> SSL libraries ============= Originally libcurl supported SSLeay for SSL/TLS transports, but that was then extended to its successor OpenSSL but has since also been extended to several other SSL/TLS libraries and we expect and hope to further extend the support in future libcurl versions. To deal with this internally in the best way possible, we have a generic SSL function API as provided by the vtls/vtls.[ch] system, and they are the only SSL functions we must use from within libcurl. vtls is then crafted to use the appropriate lower-level function calls to whatever SSL library that is in use. For example vtls/openssl.[ch] for the OpenSSL library. <a name="symbols"></a> Library Symbols =============== All symbols used internally in libcurl must use a `Curl_` prefix if they're used in more than a single file. Single-file symbols must be made static. Public ("exported") symbols must use a `curl_` prefix. (There are exceptions, but they are to be changed to follow this pattern in future versions.) Public API functions are marked with `CURL_EXTERN` in the public header files so that all others can be hidden on platforms where this is possible. <a name="returncodes"></a> Return Codes and Informationals =============================== I've made things simple. Almost every function in libcurl returns a CURLcode, that must be `CURLE_OK` if everything is OK or otherwise a suitable error code as the curl/curl.h include file defines. The very spot that detects an error must use the `Curl_failf()` function to set the human-readable error description. In aiding the user to understand what's happening and to debug curl usage, we must supply a fair number of informational messages by using the `Curl_infof()` function. Those messages are only displayed when the user explicitly asks for them. They are best used when revealing information that isn't otherwise obvious. <a name="abi"></a> API/ABI ======= We make an effort to not export or show internals or how internals work, as that makes it easier to keep a solid API/ABI over time. See docs/libcurl/ABI for our promise to users. <a name="client"></a> Client ====== main() resides in `src/tool_main.c`. `src/tool_hugehelp.c` is automatically generated by the mkhelp.pl perl script to display the complete "manual" and the `src/tool_urlglob.c` file holds the functions used for the URL-"globbing" support. Globbing in the sense that the {} and [] expansion stuff is there. The client mostly sets up its 'config' struct properly, then it calls the `curl_easy_*()` functions of the library and when it gets back control after the `curl_easy_perform()` it cleans up the library, checks status and exits. When the operation is done, the ourWriteOut() function in src/writeout.c may be called to report about the operation. That function is using the `curl_easy_getinfo()` function to extract useful information from the curl session. It may loop and do all this several times if many URLs were specified on the command line or config file. <a name="memorydebug"></a> Memory Debugging ================ The file lib/memdebug.c contains debug-versions of a few functions. Functions such as malloc, free, fopen, fclose, etc that somehow deal with resources that might give us problems if we "leak" them. The functions in the memdebug system do nothing fancy, they do their normal function and then log information about what they just did. The logged data can then be analyzed after a complete session, memanalyze.pl is the perl script present in tests/ that analyzes a log file generated by the memory tracking system. It detects if resources are allocated but never freed and other kinds of errors related to resource management. Internally, definition of preprocessor symbol DEBUGBUILD restricts code which is only compiled for debug enabled builds. And symbol CURLDEBUG is used to differentiate code which is _only_ used for memory tracking/debugging. Use -DCURLDEBUG when compiling to enable memory debugging, this is also switched on by running configure with --enable-curldebug. Use -DDEBUGBUILD when compiling to enable a debug build or run configure with --enable-debug. curl --version will list 'Debug' feature for debug enabled builds, and will list 'TrackMemory' feature for curl debug memory tracking capable builds. These features are independent and can be controlled when running the configure script. When --enable-debug is given both features will be enabled, unless some restriction prevents memory tracking from being used. <a name="test"></a> Test Suite ========== The test suite is placed in its own subdirectory directly off the root in the curl archive tree, and it contains a bunch of scripts and a lot of test case data. The main test script is runtests.pl that will invoke test servers like httpserver.pl and ftpserver.pl before all the test cases are performed. The test suite currently only runs on Unix-like platforms. You'll find a description of the test suite in the tests/README file, and the test case data files in the tests/FILEFORMAT file. The test suite automatically detects if curl was built with the memory debugging enabled, and if it was, it will detect memory leaks, too. <a name="asyncdns"></a> Asynchronous name resolves ========================== libcurl can be built to do name resolves asynchronously, using either the normal resolver in a threaded manner or by using c-ares. <a name="cares"></a> [c-ares][3] ------ ### Build libcurl to use a c-ares 1. ./configure --enable-ares=/path/to/ares/install 2. make ### c-ares on win32 First I compiled c-ares. I changed the default C runtime library to be the single-threaded rather than the multi-threaded (this seems to be required to prevent linking errors later on). Then I simply build the areslib project (the other projects adig/ahost seem to fail under MSVC). Next was libcurl. I opened lib/config-win32.h and I added a: `#define USE_ARES 1` Next thing I did was I added the path for the ares includes to the include path, and the libares.lib to the libraries. Lastly, I also changed libcurl to be single-threaded rather than multi-threaded, again this was to prevent some duplicate symbol errors. I'm not sure why I needed to change everything to single-threaded, but when I didn't I got redefinition errors for several CRT functions (malloc, stricmp, etc.) <a name="curl_off_t"></a> `curl_off_t` ========== `curl_off_t` is a data type provided by the external libcurl include headers. It is the type meant to be used for the [`curl_easy_setopt()`][1] options that end with LARGE. The type is 64bit large on most modern platforms. curlx ===== The libcurl source code offers a few functions by source only. They are not part of the official libcurl API, but the source files might be useful for others so apps can optionally compile/build with these sources to gain additional functions. We provide them through a single header file for easy access for apps: "curlx.h" `curlx_strtoofft()` ------------------- A macro that converts a string containing a number to a `curl_off_t` number. This might use the `curlx_strtoll()` function which is provided as source code in strtoofft.c. Note that the function is only provided if no strtoll() (or equivalent) function exist on your platform. If `curl_off_t` is only a 32 bit number on your platform, this macro uses strtol(). `curlx_tvnow()` --------------- returns a struct timeval for the current time. `curlx_tvdiff()` -------------- returns the difference between two timeval structs, in number of milliseconds. `curlx_tvdiff_secs()` --------------------- returns the same as `curlx_tvdiff` but with full usec resolution (as a double) Future ------ Several functions will be removed from the public `curl_` name space in a future libcurl release. They will then only become available as `curlx_` functions instead. To make the transition easier, we already today provide these functions with the `curlx_` prefix to allow sources to be built properly with the new function names. The concerned functions are: - `curlx_getenv` - `curlx_strequal` - `curlx_strnequal` - `curlx_mvsnprintf` - `curlx_msnprintf` - `curlx_maprintf` - `curlx_mvaprintf` - `curlx_msprintf` - `curlx_mprintf` - `curlx_mfprintf` - `curlx_mvsprintf` - `curlx_mvprintf` - `curlx_mvfprintf` <a name="contentencoding"></a> Content Encoding ================ ## About content encodings [HTTP/1.1][4] specifies that a client may request that a server encode its response. This is usually used to compress a response using one of a set of commonly available compression techniques. These schemes are 'deflate' (the zlib algorithm), 'gzip' and 'compress'. A client requests that the server perform an encoding by including an Accept-Encoding header in the request document. The value of the header should be one of the recognized tokens 'deflate', ... (there's a way to register new schemes/tokens, see sec 3.5 of the spec). A server MAY honor the client's encoding request. When a response is encoded, the server includes a Content-Encoding header in the response. The value of the Content-Encoding header indicates which scheme was used to encode the data. A client may tell a server that it can understand several different encoding schemes. In this case the server may choose any one of those and use it to encode the response (indicating which one using the Content-Encoding header). It's also possible for a client to attach priorities to different schemes so that the server knows which it prefers. See sec 14.3 of RFC 2616 for more information on the Accept-Encoding header. ## Supported content encodings The 'deflate' and 'gzip' content encoding are supported by libcurl. Both regular and chunked transfers work fine. The zlib library is required for this feature. ## The libcurl interface To cause libcurl to request a content encoding use: [`curl_easy_setopt`][1](curl, [`CURLOPT_ACCEPT_ENCODING`][5], string) where string is the intended value of the Accept-Encoding header. Currently, libcurl only understands how to process responses that use the "deflate" or "gzip" Content-Encoding, so the only values for [`CURLOPT_ACCEPT_ENCODING`][5] that will work (besides "identity," which does nothing) are "deflate" and "gzip" If a response is encoded using the "compress" or methods, libcurl will return an error indicating that the response could not be decoded. If <string> is NULL no Accept-Encoding header is generated. If <string> is a zero-length string, then an Accept-Encoding header containing all supported encodings will be generated. The [`CURLOPT_ACCEPT_ENCODING`][5] must be set to any non-NULL value for content to be automatically decoded. If it is not set and the server still sends encoded content (despite not having been asked), the data is returned in its raw form and the Content-Encoding type is not checked. ## The curl interface Use the [--compressed][6] option with curl to cause it to ask servers to compress responses using any format supported by curl. <a name="hostip"></a> hostip.c explained ================== The main compile-time defines to keep in mind when reading the host*.c source file are these: ## `CURLRES_IPV6` this host has getaddrinfo() and family, and thus we use that. The host may not be able to resolve IPv6, but we don't really have to take that into account. Hosts that aren't IPv6-enabled have `CURLRES_IPV4` defined. ## `CURLRES_ARES` is defined if libcurl is built to use c-ares for asynchronous name resolves. This can be Windows or *nix. ## `CURLRES_THREADED` is defined if libcurl is built to use threading for asynchronous name resolves. The name resolve will be done in a new thread, and the supported asynch API will be the same as for ares-builds. This is the default under (native) Windows. If any of the two previous are defined, `CURLRES_ASYNCH` is defined too. If libcurl is not built to use an asynchronous resolver, `CURLRES_SYNCH` is defined. ## host*.c sources The host*.c sources files are split up like this: - hostip.c - method-independent resolver functions and utility functions - hostasyn.c - functions for asynchronous name resolves - hostsyn.c - functions for synchronous name resolves - asyn-ares.c - functions for asynchronous name resolves using c-ares - asyn-thread.c - functions for asynchronous name resolves using threads - hostip4.c - IPv4 specific functions - hostip6.c - IPv6 specific functions The hostip.h is the single united header file for all this. It defines the `CURLRES_*` defines based on the config*.h and `curl_setup.h` defines. <a name="memoryleak"></a> Track Down Memory Leaks ======================= ## Single-threaded Please note that this memory leak system is not adjusted to work in more than one thread. If you want/need to use it in a multi-threaded app. Please adjust accordingly. ## Build Rebuild libcurl with -DCURLDEBUG (usually, rerunning configure with --enable-debug fixes this). 'make clean' first, then 'make' so that all files are actually rebuilt properly. It will also make sense to build libcurl with the debug option (usually -g to the compiler) so that debugging it will be easier if you actually do find a leak in the library. This will create a library that has memory debugging enabled. ## Modify Your Application Add a line in your application code: `curl_memdebug("dump");` This will make the malloc debug system output a full trace of all resource using functions to the given file name. Make sure you rebuild your program and that you link with the same libcurl you built for this purpose as described above. ## Run Your Application Run your program as usual. Watch the specified memory trace file grow. Make your program exit and use the proper libcurl cleanup functions etc. So that all non-leaks are returned/freed properly. ## Analyze the Flow Use the tests/memanalyze.pl perl script to analyze the dump file: tests/memanalyze.pl dump This now outputs a report on what resources that were allocated but never freed etc. This report is very fine for posting to the list! If this doesn't produce any output, no leak was detected in libcurl. Then the leak is mostly likely to be in your code. <a name="multi_socket"></a> `multi_socket` ============== Implementation of the `curl_multi_socket` API The main ideas of this API are simply: 1 - The application can use whatever event system it likes as it gets info from libcurl about what file descriptors libcurl waits for what action on. (The previous API returns `fd_sets` which is very select()-centric). 2 - When the application discovers action on a single socket, it calls libcurl and informs that there was action on this particular socket and libcurl can then act on that socket/transfer only and not care about any other transfers. (The previous API always had to scan through all the existing transfers.) The idea is that [`curl_multi_socket_action()`][7] calls a given callback with information about what socket to wait for what action on, and the callback only gets called if the status of that socket has changed. We also added a timer callback that makes libcurl call the application when the timeout value changes, and you set that with [`curl_multi_setopt()`][9] and the [`CURLMOPT_TIMERFUNCTION`][10] option. To get this to work, Internally, there's an added struct to each easy handle in which we store an "expire time" (if any). The structs are then "splay sorted" so that we can add and remove times from the linked list and yet somewhat swiftly figure out both how long there is until the next nearest timer expires and which timer (handle) we should take care of now. Of course, the upside of all this is that we get a [`curl_multi_timeout()`][8] that should also work with old-style applications that use [`curl_multi_perform()`][11]. We created an internal "socket to easy handles" hash table that given a socket (file descriptor) returns the easy handle that waits for action on that socket. This hash is made using the already existing hash code (previously only used for the DNS cache). To make libcurl able to report plain sockets in the socket callback, we had to re-organize the internals of the [`curl_multi_fdset()`][12] etc so that the conversion from sockets to `fd_sets` for that function is only done in the last step before the data is returned. I also had to extend c-ares to get a function that can return plain sockets, as that library too returned only `fd_sets` and that is no longer good enough. The changes done to c-ares are available in c-ares 1.3.1 and later. <a name="structs"></a> Structs in libcurl ================== This section should cover 7.32.0 pretty accurately, but will make sense even for older and later versions as things don't change drastically that often. ## Curl_easy The `Curl_easy` struct is the one returned to the outside in the external API as a "CURL *". This is usually known as an easy handle in API documentations and examples. Information and state that is related to the actual connection is in the 'connectdata' struct. When a transfer is about to be made, libcurl will either create a new connection or re-use an existing one. The particular connectdata that is used by this handle is pointed out by `Curl_easy->easy_conn`. Data and information that regard this particular single transfer is put in the SingleRequest sub-struct. When the `Curl_easy` struct is added to a multi handle, as it must be in order to do any transfer, the ->multi member will point to the `Curl_multi` struct it belongs to. The ->prev and ->next members will then be used by the multi code to keep a linked list of `Curl_easy` structs that are added to that same multi handle. libcurl always uses multi so ->multi *will* point to a `Curl_multi` when a transfer is in progress. ->mstate is the multi state of this particular `Curl_easy`. When `multi_runsingle()` is called, it will act on this handle according to which state it is in. The mstate is also what tells which sockets to return for a specific `Curl_easy` when [`curl_multi_fdset()`][12] is called etc. The libcurl source code generally use the name 'data' for the variable that points to the `Curl_easy`. When doing multiplexed HTTP/2 transfers, each `Curl_easy` is associated with an individual stream, sharing the same connectdata struct. Multiplexing makes it even more important to keep things associated with the right thing! ## connectdata A general idea in libcurl is to keep connections around in a connection "cache" after they have been used in case they will be used again and then re-use an existing one instead of creating a new as it creates a significant performance boost. Each 'connectdata' identifies a single physical connection to a server. If the connection can't be kept alive, the connection will be closed after use and then this struct can be removed from the cache and freed. Thus, the same `Curl_easy` can be used multiple times and each time select another connectdata struct to use for the connection. Keep this in mind, as it is then important to consider if options or choices are based on the connection or the `Curl_easy`. Functions in libcurl will assume that connectdata->data points to the `Curl_easy` that uses this connection (for the moment). As a special complexity, some protocols supported by libcurl require a special disconnect procedure that is more than just shutting down the socket. It can involve sending one or more commands to the server before doing so. Since connections are kept in the connection cache after use, the original `Curl_easy` may no longer be around when the time comes to shut down a particular connection. For this purpose, libcurl holds a special dummy `closure_handle` `Curl_easy` in the `Curl_multi` struct to use when needed. FTP uses two TCP connections for a typical transfer but it keeps both in this single struct and thus can be considered a single connection for most internal concerns. The libcurl source code generally use the name 'conn' for the variable that points to the connectdata. ## Curl_multi Internally, the easy interface is implemented as a wrapper around multi interface functions. This makes everything multi interface. `Curl_multi` is the multi handle struct exposed as "CURLM *" in external APIs. This struct holds a list of `Curl_easy` structs that have been added to this handle with [`curl_multi_add_handle()`][13]. The start of the list is `->easyp` and `->num_easy` is a counter of added `Curl_easy`s. `->msglist` is a linked list of messages to send back when [`curl_multi_info_read()`][14] is called. Basically a node is added to that list when an individual `Curl_easy`'s transfer has completed. `->hostcache` points to the name cache. It is a hash table for looking up name to IP. The nodes have a limited life time in there and this cache is meant to reduce the time for when the same name is wanted within a short period of time. `->timetree` points to a tree of `Curl_easy`s, sorted by the remaining time until it should be checked - normally some sort of timeout. Each `Curl_easy` has one node in the tree. `->sockhash` is a hash table to allow fast lookups of socket descriptor for which `Curl_easy` uses that descriptor. This is necessary for the `multi_socket` API. `->conn_cache` points to the connection cache. It keeps track of all connections that are kept after use. The cache has a maximum size. `->closure_handle` is described in the 'connectdata' section. The libcurl source code generally use the name 'multi' for the variable that points to the `Curl_multi` struct. ## Curl_handler Each unique protocol that is supported by libcurl needs to provide at least one `Curl_handler` struct. It defines what the protocol is called and what functions the main code should call to deal with protocol specific issues. In general, there's a source file named [protocol].c in which there's a "struct `Curl_handler` `Curl_handler_[protocol]`" declared. In url.c there's then the main array with all individual `Curl_handler` structs pointed to from a single array which is scanned through when a URL is given to libcurl to work with. `->scheme` is the URL scheme name, usually spelled out in uppercase. That's "HTTP" or "FTP" etc. SSL versions of the protocol need their own `Curl_handler` setup so HTTPS separate from HTTP. `->setup_connection` is called to allow the protocol code to allocate protocol specific data that then gets associated with that `Curl_easy` for the rest of this transfer. It gets freed again at the end of the transfer. It will be called before the 'connectdata' for the transfer has been selected/created. Most protocols will allocate its private 'struct [PROTOCOL]' here and assign `Curl_easy->req.protop` to point to it. `->connect_it` allows a protocol to do some specific actions after the TCP connect is done, that can still be considered part of the connection phase. Some protocols will alter the `connectdata->recv[]` and `connectdata->send[]` function pointers in this function. `->connecting` is similarly a function that keeps getting called as long as the protocol considers itself still in the connecting phase. `->do_it` is the function called to issue the transfer request. What we call the DO action internally. If the DO is not enough and things need to be kept getting done for the entire DO sequence to complete, `->doing` is then usually also provided. Each protocol that needs to do multiple commands or similar for do/doing need to implement their own state machines (see SCP, SFTP, FTP). Some protocols (only FTP and only due to historical reasons) has a separate piece of the DO state called `DO_MORE`. `->doing` keeps getting called while issuing the transfer request command(s) `->done` gets called when the transfer is complete and DONE. That's after the main data has been transferred. `->do_more` gets called during the `DO_MORE` state. The FTP protocol uses this state when setting up the second connection. ->`proto_getsock` ->`doing_getsock` ->`domore_getsock` ->`perform_getsock` Functions that return socket information. Which socket(s) to wait for which action(s) during the particular multi state. ->disconnect is called immediately before the TCP connection is shutdown. ->readwrite gets called during transfer to allow the protocol to do extra reads/writes ->defport is the default report TCP or UDP port this protocol uses ->protocol is one or more bits in the `CURLPROTO_*` set. The SSL versions have their "base" protocol set and then the SSL variation. Like "HTTP|HTTPS". ->flags is a bitmask with additional information about the protocol that will make it get treated differently by the generic engine: - `PROTOPT_SSL` - will make it connect and negotiate SSL - `PROTOPT_DUAL` - this protocol uses two connections - `PROTOPT_CLOSEACTION` - this protocol has actions to do before closing the connection. This flag is no longer used by code, yet still set for a bunch of protocol handlers. - `PROTOPT_DIRLOCK` - "direction lock". The SSH protocols set this bit to limit which "direction" of socket actions that the main engine will concern itself with. - `PROTOPT_NONETWORK` - a protocol that doesn't use network (read file:) - `PROTOPT_NEEDSPWD` - this protocol needs a password and will use a default one unless one is provided - `PROTOPT_NOURLQUERY` - this protocol can't handle a query part on the URL (?foo=bar) ## conncache Is a hash table with connections for later re-use. Each `Curl_easy` has a pointer to its connection cache. Each multi handle sets up a connection cache that all added `Curl_easy`s share by default. ## Curl_share The libcurl share API allocates a `Curl_share` struct, exposed to the external API as "CURLSH *". The idea is that the struct can have a set of its own versions of caches and pools and then by providing this struct in the `CURLOPT_SHARE` option, those specific `Curl_easy`s will use the caches/pools that this share handle holds. Then individual `Curl_easy` structs can be made to share specific things that they otherwise wouldn't, such as cookies. The `Curl_share` struct can currently hold cookies, DNS cache and the SSL session cache. ## CookieInfo This is the main cookie struct. It holds all known cookies and related information. Each `Curl_easy` has its own private CookieInfo even when they are added to a multi handle. They can be made to share cookies by using the share API. [1]: https://curl.haxx.se/libcurl/c/curl_easy_setopt.html [2]: https://curl.haxx.se/libcurl/c/curl_easy_init.html [3]: http://c-ares.haxx.se/ [4]: https://tools.ietf.org/html/rfc7230 "RFC 7230" [5]: https://curl.haxx.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html [6]: https://curl.haxx.se/docs/manpage.html#--compressed [7]: https://curl.haxx.se/libcurl/c/curl_multi_socket_action.html [8]: https://curl.haxx.se/libcurl/c/curl_multi_timeout.html [9]: https://curl.haxx.se/libcurl/c/curl_multi_setopt.html [10]: https://curl.haxx.se/libcurl/c/CURLMOPT_TIMERFUNCTION.html [11]: https://curl.haxx.se/libcurl/c/curl_multi_perform.html [12]: https://curl.haxx.se/libcurl/c/curl_multi_fdset.html [13]: https://curl.haxx.se/libcurl/c/curl_multi_add_handle.html [14]: https://curl.haxx.se/libcurl/c/curl_multi_info_read.html |
Added scriptlibs/softwareupdate/curl/docs/KNOWN_BUGS.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| Known Bugs These are problems and bugs known to exist at the time of this release. Feel free to join in and help us correct one or more of these! Also be sure to check the changelog of the current development status, as one or more of these problems may have been fixed or changed somewhat since this was written! 1. HTTP 1.1 CURLFORM_CONTENTLEN in an array 1.2 Disabling HTTP Pipelining 1.3 STARTTRANSFER time is wrong for HTTP POSTs 1.4 multipart formposts file name encoding 1.5 Expect-100 meets 417 1.6 Unnecessary close when 401 received waiting for 100 1.8 DNS timing is wrong for HTTP redirects 1.9 HTTP/2 frames while in the connection pool kill reuse 1.10 Strips trailing dot from host name 1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM 2. TLS 2.1 CURLINFO_SSL_VERIFYRESULT has limited support 2.2 DER in keychain 2.3 GnuTLS backend skips really long certificate fields 3. Email protocols 3.1 IMAP SEARCH ALL truncated response 3.2 No disconnect command 3.3 SMTP to multiple recipients 3.4 POP3 expects "CRLF.CRLF" eob for some single-line responses 4. Command line 4.1 -J with %-encoded file nameas 4.2 -J with -C - fails 4.3 --retry and transfer timeouts 5. Build and portability issues 5.1 Windows Borland compiler 5.2 curl-config --libs contains private details 5.3 libidn and old iconv 5.4 AIX shared build with c-ares fails 5.5 can't handle Unicode arguments in Windows 5.6 cmake support gaps 5.7 Visual Studio project gaps 5.8 configure finding libs in wrong directory 5.9 Utilize Requires.private directives in libcurl.pc 5.10 Fix the gcc typechecks 6. Authentication 6.1 NTLM authentication and unicode 6.2 MIT Kerberos for Windows build 6.3 NTLM in system context uses wrong name 6.4 Negotiate and Kerberos V5 need a fake user name 7. FTP 7.1 FTP without or slow 220 response 7.2 FTP with CONNECT and slow server 7.3 FTP with NOBODY and FAILONERROR 7.4 FTP with ACCT 7.5 ASCII FTP 7.6 FTP with NULs in URL parts 7.7 FTP and empty path parts in the URL 7.8 Premature transfer end but healthy control channel 8. TELNET 8.1 TELNET and time limtiations don't work 8.2 Microsoft telnet server 9. SFTP and SCP 9.1 SFTP doesn't do CURLOPT_POSTQUOTE correct 10. SOCKS 10.1 SOCKS proxy connections are done blocking 10.2 SOCKS don't support timeouts 10.3 FTPS over SOCKS 10.4 active FTP over a SOCKS 11. Internals 11.1 Curl leaks .onion hostnames in DNS 11.2 error buffer not set if connection to multiple addresses fails 11.3 c-ares deviates from stock resolver on http://1346569778 12. LDAP and OpenLDAP 12.1 OpenLDAP hangs after returning results 13. TCP/IP 13.1 --interface for ipv6 binds to unusable IP address ============================================================================== 1. HTTP 1.1 CURLFORM_CONTENTLEN in an array It is not possible to pass a 64-bit value using CURLFORM_CONTENTLEN with CURLFORM_ARRAY, when compiled on 32-bit platforms that support 64-bit integers. This is because the underlying structure 'curl_forms' uses a dual purpose char* for storing these values in via casting. For more information see the now closed related issue: https://github.com/curl/curl/issues/608 1.2 Disabling HTTP Pipelining Disabling HTTP Pipelining when there are ongoing transfers can lead to heap corruption and crash. https://curl.haxx.se/bug/view.cgi?id=1411 1.3 STARTTRANSFER time is wrong for HTTP POSTs Wrong STARTTRANSFER timer accounting for POST requests Timer works fine with GET requests, but while using POST the time for CURLINFO_STARTTRANSFER_TIME is wrong. While using POST CURLINFO_STARTTRANSFER_TIME minus CURLINFO_PRETRANSFER_TIME is near to zero every time. https://github.com/curl/curl/issues/218 https://curl.haxx.se/bug/view.cgi?id=1213 1.4 multipart formposts file name encoding When creating multipart formposts. The file name part can be encoded with something beyond ascii but currently libcurl will only pass in the verbatim string the app provides. There are several browsers that already do this encoding. The key seems to be the updated draft to RFC2231: https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02 1.5 Expect-100 meets 417 If an upload using Expect: 100-continue receives an HTTP 417 response, it ought to be automatically resent without the Expect:. A workaround is for the client application to redo the transfer after disabling Expect:. https://curl.haxx.se/mail/archive-2008-02/0043.html 1.6 Unnecessary close when 401 received waiting for 100 libcurl closes the connection if an HTTP 401 reply is received while it is waiting for the the 100-continue response. https://curl.haxx.se/mail/lib-2008-08/0462.html 1.8 DNS timing is wrong for HTTP redirects When extracting timing information after HTTP redirects, only the last transfer's results are returned and not the totals: https://github.com/curl/curl/issues/522 1.9 HTTP/2 frames while in the connection pool kill reuse If the server sends HTTP/2 frames (like for example an HTTP/2 PING frame) to curl while the connection is held in curl's connection pool, the socket will be found readable when considered for reuse and that makes curl think it is dead and then it will be closed and a new connection gets created instead. This is *best* fixed by adding monitoring to connections while they are kept in the pool so that pings can be responded to appropriately. 1.10 Strips trailing dot from host name When given a URL wit a trailing dot for the host name part: "https://example.com./", libcurl will strip off the dot and use the name without a dot internally and send it dot-less in HTTP Host: headers and in the TLS SNI field. The HTTP part violates RFC 7230 section 5.4 but the SNI part is accordance with RFC 6066 section 3. URLs using these trailing dots are very rare in the wild and we have not seen or gotten any real-world problems with such URLs reported. The popular browsers seem to have stayed with not stripping the dot for both uses (thus they violate RFC 6066 instead of RFC 7230). Daniel took the discussion to the HTTPbis mailing list in March 2016: https://lists.w3.org/Archives/Public/ietf-http-wg/2016JanMar/0430.html but there was not major rush or interest to fix this. The impression I get is that most HTTP people rather not rock the boat now and instead prioritize web compatibility rather than to strictly adhere to these RFCs. Our current approach allows a knowing client to send a custom HTTP header with the dot added. It can also be noted that while adding a trailing dot to the host name in most (all?) cases will make the name resolve to the same set of IP addresses, many HTTP servers will not happily accept the trailing dot there unless that has been specificly configured to be a fine virtual host. If URLs with trailing dots for host names become more popular or even just used more than for just plain fun experiments, I'm sure we will have reason to go back and reconsider. See https://github.com/curl/curl/issues/716 for the discussion. 1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM I'm using libcurl to POST form data using a FILE* with the CURLFORM_STREAM option of curl_formadd(). I've noticed that if the connection drops at just the right time, the POST is reattempted without the data from the file. It seems like the file stream position isn't getting reset to the beginning of the file. I found the CURLOPT_SEEKFUNCTION option and set that with a function that performs an fseek() on the FILE*. However, setting that didn't seem to fix the issue or even get called. See https://github.com/curl/curl/issues/768 2. TLS 2.1 CURLINFO_SSL_VERIFYRESULT has limited support CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS backends, so relying on this information in a generic app is flaky. 2.2 DER in keychain Curl doesn't recognize certificates in DER format in keychain, but it works with PEM. https://curl.haxx.se/bug/view.cgi?id=1065 2.3 GnuTLS backend skips really long certificate fields libcurl calls gnutls_x509_crt_get_dn() with a fixed buffer size and if the field is too long in the cert, it'll just return an error and the field will be displayed blank. 3. Email protocols 3.1 IMAP SEARCH ALL truncated response IMAP "SEARCH ALL" truncates output on large boxes. "A quick search of the code reveals that pingpong.c contains some truncation code, at line 408, when it deems the server response to be too large truncating it to 40 characters" https://curl.haxx.se/bug/view.cgi?id=1366 3.2 No disconnect command The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3 and SMTP if a failure occurs during the authentication phase of a connection. 3.3 SMTP to multiple recipients When sending data to multiple recipients, curl will abort and return failure if one of the recipients indicate failure (on the "RCPT TO" command). Ordinary mail programs would proceed and still send to the ones that can receive data. This is subject for change in the future. https://curl.haxx.se/bug/view.cgi?id=1116 3.4 POP3 expects "CRLF.CRLF" eob for some single-line responses You have to tell libcurl not to expect a body, when dealing with one line response commands. Please see the POP3 examples and test cases which show this for the NOOP and DELE commands. https://curl.haxx.se/bug/?i=740 4. Command line 4.1 -J with %-encoded file nameas -J/--remote-header-name doesn't decode %-encoded file names. RFC6266 details how it should be done. The can of worm is basically that we have no charset handling in curl and ascii >=128 is a challenge for us. Not to mention that decoding also means that we need to check for nastiness that is attempted, like "../" sequences and the like. Probably everything to the left of any embedded slashes should be cut off. https://curl.haxx.se/bug/view.cgi?id=1294 4.2 -J with -C - fails When using -J (with -O), automatically resumed downloading together with "-C -" fails. Without -J the same command line works! This happens because the resume logic is worked out before the target file name (and thus its pre-transfer size) has been figured out! https://curl.haxx.se/bug/view.cgi?id=1169 4.3 --retry and transfer timeouts If using --retry and the transfer timeouts (possibly due to using -m or -y/-Y) the next attempt doesn't resume the transfer properly from what was downloaded in the previous attempt but will truncate and restart at the original position where it was at before the previous failed attempt. See https://curl.haxx.se/mail/lib-2008-01/0080.html and Mandriva bug report https://qa.mandriva.com/show_bug.cgi?id=22565 5. Build and portability issues 5.1 Windows Borland compiler When building with the Windows Borland compiler, it fails because the "tlib" tool doesn't support hyphens (minus signs) in file names and we have such in the build. https://curl.haxx.se/bug/view.cgi?id=1222 5.2 curl-config --libs contains private details "curl-config --libs" will include details set in LDFLAGS when configure is run that might be needed only for building libcurl. Further, curl-config --cflags suffers from the same effects with CFLAGS/CPPFLAGS. 5.3 libidn and old iconv Test case 165 might fail on a system which has libidn present, but with an old iconv version (2.1.3 is a known bad version), since it doesn't recognize the charset when named ISO8859-1. Changing the name to ISO-8859-1 makes the test pass, but instead makes it fail on Solaris hosts that use its native iconv. 5.4 AIX shared build with c-ares fails curl version 7.12.2 fails on AIX if compiled with --enable-ares. The workaround is to combine --enable-ares with --disable-shared 5.5 can't handle Unicode arguments in Windows If a URL or filename can't be encoded using the user's current codepage then it can only be encoded properly in the Unicode character set. Windows uses UTF-16 encoding for Unicode and stores it in wide characters, however curl and libcurl are not equipped for that at the moment. And, except for Cygwin, Windows can't use UTF-8 as a locale. https://curl.haxx.se/bug/?i=345 https://curl.haxx.se/bug/?i=731 5.6 cmake support gaps The cmake build setup lacks several features that the autoconf build offers. This includes: - symbol hiding when the shared library is built - use of correct soname for the shared library build - support for several TLS backends are missing - the unit tests cause link failures in regular non-static builds - no nghttp2 check 5.7 Visual Studio project gaps The Visual Studio projects lack some features that the autoconf and nmake builds offer, such as the following: - support for zlib and nghttp2 - use of static runtime libraries - add the test suite components In addition to this the following could be implemented: - support for other development IDEs - add PATH environment variables for third-party DLLs 5.8 configure finding libs in wrong directory When the configure script checks for third-party libraries, it adds those directories to the LDFLAGS variable and then tries linking to see if it works. When successful, the found directory is kept in the LDFLAGS variable when the script continues to execute and do more tests and possibly check for more libraries. This can make subsequent checks for libraries wrongly detect another installation in a directory that was previously added to LDFLAGS by another library check! A possibly better way to do these checks would be to keep the pristine LDFLAGS even after successful checks and instead add those verified paths to a separate variable that only after all library checks have been performed gets appended to LDFLAGS. 5.9 Utilize Requires.private directives in libcurl.pc https://github.com/curl/curl/issues/864 5.10 Fix the gcc typechecks Issue #846 identifies a problem with the gcc-typechecks and how the types are documented and checked for CURLINFO_CERTINFO but our attempts to fix the issue were futile and needs more attention. https://github.com/curl/curl/issues/846 6. Authentication 6.1 NTLM authentication and unicode NTLM authentication involving unicode user name or password only works properly if built with UNICODE defined together with the WinSSL/schannel backend. The original problem was mentioned in: https://curl.haxx.se/mail/lib-2009-10/0024.html https://curl.haxx.se/bug/view.cgi?id=896 The WinSSL/schannel version verified to work as mentioned in https://curl.haxx.se/mail/lib-2012-07/0073.html 6.2 MIT Kerberos for Windows build libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's library header files exporting symbols/macros that should be kept private to the KfW library. See ticket #5601 at http://krbdev.mit.edu/rt/ 6.3 NTLM in system context uses wrong name NTLM authentication using SSPI (on Windows) when (lib)curl is running in "system context" will make it use wrong(?) user name - at least when compared to what winhttp does. See https://curl.haxx.se/bug/view.cgi?id=535 6.4 Negotiate and Kerberos V5 need a fake user name In order to get Negotiate (SPNEGO) authentication to work in HTTP or Kerberos V5 in the e-mail protocols, you need to provide a (fake) user name (this concerns both curl and the lib) because the code wrongly only considers authentication if there's a user name provided by setting conn->bits.user_passwd in url.c https://curl.haxx.se/bug/view.cgi?id=440 How? https://curl.haxx.se/mail/lib-2004-08/0182.html A possible solution is to either modify this variable to be set or introduce a variable such as new conn->bits.want_authentication which is set when any of the authentication options are set. 7. FTP 7.1 FTP without or slow 220 response If a connection is made to a FTP server but the server then just never sends the 220 response or otherwise is dead slow, libcurl will not acknowledge the connection timeout during that phase but only the "real" timeout - which may surprise users as it is probably considered to be the connect phase to most people. Brought up (and is being misunderstood) in: https://curl.haxx.se/bug/view.cgi?id=856 7.2 FTP with CONNECT and slow server When doing FTP over a socks proxy or CONNECT through HTTP proxy and the multi interface is used, libcurl will fail if the (passive) TCP connection for the data transfer isn't more or less instant as the code does not properly wait for the connect to be confirmed. See test case 564 for a first shot at a test case. 7.3 FTP with NOBODY and FAILONERROR It seems sensible to be able to use CURLOPT_NOBODY and CURLOPT_FAILONERROR with FTP to detect if a file exists or not, but it is not working: https://curl.haxx.se/mail/lib-2008-07/0295.html 7.4 FTP with ACCT When doing an operation over FTP that requires the ACCT command (but not when logging in), the operation will fail since libcurl doesn't detect this and thus fails to issue the correct command: https://curl.haxx.se/bug/view.cgi?id=635 7.5 ASCII FTP FTP ASCII transfers do not follow RFC959. They don't convert the data accordingly (not for sending nor for receiving). RFC 959 section 3.1.1.1 clearly describes how this should be done: The sender converts the data from an internal character representation to the standard 8-bit NVT-ASCII representation (see the Telnet specification). The receiver will convert the data from the standard form to his own internal form. Since 7.15.4 at least line endings are converted. 7.6 FTP with NULs in URL parts FTP URLs passed to curl may contain NUL (0x00) in the RFC 1738 <user>, <password>, and <fpath> components, encoded as "%00". The problem is that curl_unescape does not detect this, but instead returns a shortened C string. From a strict FTP protocol standpoint, NUL is a valid character within RFC 959 <string>, so the way to handle this correctly in curl would be to use a data structure other than a plain C string, one that can handle embedded NUL characters. From a practical standpoint, most FTP servers would not meaningfully support NUL characters within RFC 959 <string>, anyway (e.g., Unix pathnames may not contain NUL). 7.7 FTP and empty path parts in the URL libcurl ignores empty path parts in FTP URLs, whereas RFC1738 states that such parts should be sent to the server as 'CWD ' (without an argument). The only exception to this rule, is that we knowingly break this if the empty part is first in the path, as then we use the double slashes to indicate that the user wants to reach the root dir (this exception SHALL remain even when this bug is fixed). 7.8 Premature transfer end but healthy control channel When 'multi_done' is called before the transfer has been completed the normal way, it is considered a "premature" transfer end. In this situation, libcurl closes the connection assuming it doesn't know the state of the connection so it can't be reused for subsequent requests. With FTP however, this isn't necessarily true but there are a bunch of situations (listed in the ftp_done code) where it *could* keep the connection alive even in this situation - but the current code doesn't. Fixing this would allow libcurl to reuse FTP connections better. 8. TELNET 8.1 TELNET and time limtiations don't work When using telnet, the time limitation options don't work. https://curl.haxx.se/bug/view.cgi?id=846 8.2 Microsoft telnet server There seems to be a problem when connecting to the Microsoft telnet server. https://curl.haxx.se/bug/view.cgi?id=649 9. SFTP and SCP 9.1 SFTP doesn't do CURLOPT_POSTQUOTE correct When libcurl sends CURLOPT_POSTQUOTE commands when connected to a SFTP server using the multi interface, the commands are not being sent correctly and instead the connection is "cancelled" (the operation is considered done) prematurely. There is a half-baked (busy-looping) patch provided in the bug report but it cannot be accepted as-is. See https://curl.haxx.se/bug/view.cgi?id=748 10. SOCKS 10.1 SOCKS proxy connections are done blocking Both SOCKS5 and SOCKS4 proxy connections are done blocking, which is very bad when used with the multi interface. 10.2 SOCKS don't support timeouts The SOCKS4 connection codes don't properly acknowledge (connect) timeouts. According to bug #1556528, even the SOCKS5 connect code does not do it right: https://curl.haxx.se/bug/view.cgi?id=604 When connecting to a SOCK proxy, the (connect) timeout is not properly acknowledged after the actual TCP connect (during the SOCKS "negotiate" phase). 10.3 FTPS over SOCKS libcurl doesn't support FTPS over a SOCKS proxy. 10.4 active FTP over a SOCKS libcurl doesn't support active FTP over a SOCKS proxy 11. Internals 11.1 Curl leaks .onion hostnames in DNS Curl sends DNS requests for hostnames with a .onion TLD. This leaks information about what the user is attempting to access, and violates this requirement of RFC7686: https://tools.ietf.org/html/rfc7686 Issue: https://github.com/curl/curl/issues/543 11.2 error buffer not set if connection to multiple addresses fails If you ask libcurl to resolve a hostname like example.com to IPv6 addresses only. But you only have IPv4 connectivity. libcurl will correctly fail with CURLE_COULDNT_CONNECT. But the error buffer set by CURLOPT_ERRORBUFFER remains empty. Issue: https://github.com/curl/curl/issues/544 11.3 c-ares deviates from stock resolver on http://1346569778 When using the socket resolvers, that URL becomes: * Rebuilt URL to: http://1346569778/ * Trying 80.67.6.50... but with c-ares it instead says "Could not resolve: 1346569778 (Domain name not found)" See https://github.com/curl/curl/issues/893 12. LDAP and OpenLDAP 12.1 OpenLDAP hangs after returning results By configuration defaults, openldap automatically chase referrals on secondary socket descriptors. The OpenLDAP backend is asynchronous and thus should monitor all socket descriptors involved. Currently, these secondary descriptors are not monitored, causing openldap library to never receive data from them. As a temporary workaround, disable referrals chasing by configuration. The fix is not easy: proper automatic referrals chasing requires a synchronous bind callback and monitoring an arbitrary number of socket descriptors for a single easy handle (currently limited to 5). Generic LDAP is synchronous: OK. See https://github.com/curl/curl/issues/622 and https://curl.haxx.se/mail/lib-2016-01/0101.html 13. TCP/IP 13.1 --interface for ipv6 binds to unusable IP address Since IPv6 provides a lot of addresses with different scope, binding to an IPv6 address needs to take the proper care so that it doesn't bind to a locally scoped address as that is bound to fail. https://github.com/curl/curl/issues/686 |
Added scriptlibs/softwareupdate/curl/docs/LICENSE-MIXING.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 | License Mixing ============== libcurl can be built to use a fair amount of various third party libraries, libraries that are written and provided by other parties that are distributed using their own licenses. Even libcurl itself contains code that may cause problems to some. This document attempts to describe what licenses libcurl and the other libraries use and what possible dilemmas linking and mixing them all can lead to for end users. I am not a lawyer and this is not legal advice! One common dilemma is that [GPL](https://www.gnu.org/licenses/gpl.html) licensed code is not allowed to be linked with code licensed under the [Original BSD license](https://spdx.org/licenses/BSD-4-Clause.html) (with the announcement clause). You may still build your own copies that use them all, but distributing them as binaries would be to violate the GPL license - unless you accompany your license with an [exception](https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs). This particular problem was addressed when the [Modified BSD license](https://opensource.org/licenses/BSD-3-Clause) was created, which does not have the announcement clause that collides with GPL. ## libcurl Uses an [MIT style license](https://curl.haxx.se/docs/copyright.html) that is very liberal. ## OpenSSL (May be used for SSL/TLS support) Uses an Original BSD-style license with an announcement clause that makes it "incompatible" with GPL. You are not allowed to ship binaries that link with OpenSSL that includes GPL code (unless that specific GPL code includes an exception for OpenSSL - a habit that is growing more and more common). If OpenSSL's licensing is a problem for you, consider using another TLS library. ## GnuTLS (May be used for SSL/TLS support) Uses the [LGPL](https://www.gnu.org/licenses/lgpl.html) license. If this is a problem for you, consider using another TLS library. Also note that GnuTLS itself depends on and uses other libs (libgcrypt and libgpg-error) and they too are LGPL- or GPL-licensed. ## WolfSSL (May be used for SSL/TLS support) Uses the GPL license or a proprietary license. If this is a problem for you, consider using another TLS library. ## NSS (May be used for SSL/TLS support) Is covered by the [MPL](https://www.mozilla.org/MPL/) license, the GPL license and the LGPL license. You may choose to license the code under MPL terms, GPL terms, or LGPL terms. These licenses grant you different permissions and impose different obligations. You should select the license that best meets your needs. ## axTLS (May be used for SSL/TLS support) Uses a Modified BSD-style license. ## mbedTLS (May be used for SSL/TLS support) Uses the [Apache 2.0 license](https://opensource.org/licenses/Apache-2.0) or the GPL license. You may choose to license the code under Apache 2.0 terms or GPL terms. These licenses grant you different permissions and impose different obligations. You should select the license that best meets your needs. ## BoringSSL (May be used for SSL/TLS support) As an OpenSSL fork, it has the same license as that. ## libressl (May be used for SSL/TLS support) As an OpenSSL fork, it has the same license as that. ## c-ares (Used for asynchronous name resolves) Uses an MIT license that is very liberal and imposes no restrictions on any other library or part you may link with. ## zlib (Used for compressed Transfer-Encoding support) Uses an MIT-style license that shouldn't collide with any other library. ## MIT Kerberos (May be used for GSS support) MIT licensed, that shouldn't collide with any other parts. ## Heimdal (May be used for GSS support) Heimdal is Original BSD licensed with the announcement clause. ## GNU GSS (May be used for GSS support) GNU GSS is GPL licensed. Note that you may not distribute binary curl packages that uses this if you build curl to also link and use any Original BSD licensed libraries! ## libidn (Used for IDNA support) Uses the GNU Lesser General Public License [3]. LGPL is a variation of GPL with slightly less aggressive "copyleft". This license requires more requirements to be met when distributing binaries, see the license for details. Also note that if you distribute a binary that includes this library, you must also include the full LGPL license text. Please properly point out what parts of the distributed package that the license addresses. ## OpenLDAP (Used for LDAP support) Uses a Modified BSD-style license. Since libcurl uses OpenLDAP as a shared library only, I have not heard of anyone that ships OpenLDAP linked with libcurl in an app. ## libssh2 (Used for scp and sftp support) libssh2 uses a Modified BSD-style license. |
Added scriptlibs/softwareupdate/curl/docs/MAIL-ETIQUETTE.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| MAIL ETIQUETTE 1. About the lists 1.1 Mailing Lists 1.2 Netiquette 1.3 Do Not Mail a Single Individual 1.4 Subscription Required 1.5 Moderation of new posters 1.6 Handling trolls and spam 1.7 How to unsubscribe 1.8 I posted, now what? 2. Sending mail 2.1 Reply or New Mail 2.2 Reply to the List 2.3 Use a Sensible Subject 2.4 Do Not Top-Post 2.5 HTML is not for mails 2.6 Quoting 2.7 Digest 2.8 Please Tell Us How You Solved The Problem! ============================================================================== 1. About the lists 1.1 Mailing Lists The mailing lists we have are all listed and described at https://curl.haxx.se/mail/ Each mailing list is targeted to a specific set of users and subjects, please use the one or the ones that suit you the most. Each mailing list has hundreds up to thousands of readers, meaning that each mail sent will be received and read by a very large number of people. People from various cultures, regions, religions and continents. 1.2 Netiquette Netiquette is a common term for how to behave on the internet. Of course, in each particular group and subculture there will be differences in what is acceptable and what is considered good manners. This document outlines what we in the curl project consider to be good etiquette, and primarily this focus on how to behave on and how to use our mailing lists. 1.3 Do Not Mail a Single Individual Many people send one question to one person. One person gets many mails, and there is only one person who can give you a reply. The question may be something that other people would also like to ask. These other people have no way to read the reply, but to ask the one person the question. The one person consequently gets overloaded with mail. If you really want to contact an individual and perhaps pay for his or her services, by all means go ahead, but if it's just another curl question, take it to a suitable list instead. 1.4 Subscription Required All curl mailing lists require that you are subscribed to allow a mail to go through to all the subscribers. If you post without being subscribed (or from a different mail address than the one you are subscribed with), your mail will simply be silently discarded. You have to subscribe first, then post. The reason for this unfortunate and strict subscription policy is of course to stop spam from pestering the lists. 1.5 Moderation of new posters Several of the curl mailing lists automatically make all posts from new subscribers be moderated. This means that after you've subscribed and sent your first mail to a list, that mail will not be let through to the list until a mailing list administrator has verified that it is OK and permits it to get posted. Once a first post has been made that proves the sender is actually talking about curl-related subjects, the moderation "flag" will be switched off and future posts will go through without being moderated. The reason for this moderation policy is that we do suffer from spammers who actually subscribe and send spam to our lists. 1.6 Handling trolls and spam Despite our good intentions and hard work to keep spam off the lists and to maintain a friendly and positive atmosphere, there will be times when spam and or trolls get through. Troll - "someone who posts inflammatory, extraneous, or off-topic messages in an online community" Spam - "use of electronic messaging systems to send unsolicited bulk messages" No matter what, we NEVER EVER respond to trolls or spammers on the list. If you believe the list admin should do something in particular, contact him/her off-list. The subject will be taken care of as much as possible to prevent repeated offenses, but responding on the list to such messages never leads to anything good and only puts the light even more on the offender: which was the entire purpose of it getting sent to the list in the first place. Don't feed the trolls! 1.7 How to unsubscribe You can unsubscribe the same way you subscribed in the first place. You go to the page for the particular mailing list you're subscribed to and you enter your email address and password and press the unsubscribe button. Also, the instructions to unsubscribe are included in the headers of every mail that is sent out to all curl related mailing lists and there's a footer in each mail that links to the "admin" page on which you can unsubscribe and change other options. You NEVER EVER email the mailing list requesting someone else to take you off the list. 1.8 I posted, now what? If you aren't subscribed with the exact same email address that you used to send the email, your post will just be silently discarded. If you posted for the first time to the mailing list, you first need to wait for an administrator to allow your email to go through (moderated). This normally happens very quickly but in case we're asleep, you may have to wait a few hours. Once your email goes through it is sent out to several hundred or even thousands of recipients. Your email may cover an area that not that many people know about or are interested in. Or possibly the person who knows about it is on vacation or under a very heavy work load right now. You may have to wait for a response and you should not expect to get a response at all, but hopefully you get an answer within a couple of days. You do yourself and all of us a service when you include as many details as possible already in your first email. Mention your operating system and environment. Tell us which curl version you're using and tell us what you did, what happened and what you expected would happen. Preferably, show us what you did with details enough to allow others to help point out the problem or repeat the same steps in their locations. Failing to include details will only delay responses and make people respond and ask for more details and you will have to send a follow-up email that includes them. Expect the responses to primarily help YOU debug the issue, or ask YOU questions that can lead you or others towards a solution or explanation to whatever you experience. If you are a repeat offender to the guidelines outlined in this document, chances are that people will ignore you at will and your chances to get responses in the future will greatly diminish. 2. Sending mail 2.1 Reply or New Mail Please do not reply to an existing message as a short-cut to post a message to the lists. Many mail programs and web archivers use information within mails to keep them together as "threads", as collections of posts that discuss a certain subject. If you don't intend to reply on the same or similar subject, don't just hit reply on an existing mail and change subject, create a new mail. 2.2 Reply to the List When replying to a message from the list, make sure that you do "group reply" or "reply to all", and not just reply to the author of the single mail you reply to. We're actively discouraging replying back to the single person by setting the Reply-To: field in outgoing mails back to the mailing list address, making it harder for people to mail the author directly, if only by mistake. 2.3 Use a Sensible Subject Please use a subject of the mail that makes sense and that is related to the contents of your mail. It makes it a lot easier to find your mail afterwards and it makes it easier to track mail threads and topics. 2.4 Do Not Top-Post If you reply to a message, don't use top-posting. Top-posting is when you write the new text at the top of a mail and you insert the previous quoted mail conversation below. It forces users to read the mail in a backwards order to properly understand it. This is why top posting is so bad (in top posting order): A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Apart from the screwed up read order (especially when mixed together in a thread when someone responds using the mandated bottom-posting style), it also makes it impossible to quote only parts of the original mail. When you reply to a mail. You let the mail client insert the previous mail quoted. Then you put the cursor on the first line of the mail and you move down through the mail, deleting all parts of the quotes that don't add context for your comments. When you want to add a comment you do so, inline, right after the quotes that relate to your comment. Then you continue downwards again. When most of the quotes have been removed and you've added your own words, you're done! 2.5 HTML is not for mails Please switch off those HTML encoded messages. You can mail all those funny mails to your friends. We speak plain text mails. 2.6 Quoting Quote as little as possible. Just enough to provide the context you cannot leave out. A lengthy description can be found here: https://www.netmeister.org/news/learn2quote.html 2.7 Digest We allow subscribers to subscribe to the "digest" version of the mailing lists. A digest is a collection of mails lumped together in one single mail. Should you decide to reply to a mail sent out as a digest, there are two things you MUST consider if you really really cannot subscribe normally instead: Cut off all mails and chatter that is not related to the mail you want to reply to. Change the subject name to something sensible and related to the subject, preferably even the actual subject of the single mail you wanted to reply to 2.8 Please Tell Us How You Solved The Problem! Many people mail questions to the list, people spend some of their time and make an effort in providing good answers to these questions. If you are the one who asks, please consider responding once more in case one of the hints was what solved your problems. The guys who write answers feel good to know that they provided a good answer and that you fixed the problem. Far too often, the person who asked the question is never heard from again, and we never get to know if he/she is gone because the problem was solved or perhaps because the problem was unsolvable! Getting the solution posted also helps other users that experience the same problem(s). They get to see (possibly in the web archives) that the suggested fixes actually has helped at least one person. |
Added scriptlibs/softwareupdate/curl/docs/MANUAL.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 | LATEST VERSION You always find news about what's going on as well as the latest versions from the curl web pages, located at: https://curl.haxx.se SIMPLE USAGE Get the main page from Netscape's web-server: curl http://www.netscape.com/ Get the README file the user's home directory at funet's ftp-server: curl ftp://ftp.funet.fi/README Get a web page from a server using port 8000: curl http://www.weirdserver.com:8000/ Get a directory listing of an FTP site: curl ftp://cool.haxx.se/ Get the definition of curl from a dictionary: curl dict://dict.org/m:curl Fetch two documents at once: curl ftp://cool.haxx.se/ http://www.weirdserver.com:8000/ Get a file off an FTPS server: curl ftps://files.are.secure.com/secrets.txt or use the more appropriate FTPS way to get the same file: curl --ftp-ssl ftp://files.are.secure.com/secrets.txt Get a file from an SSH server using SFTP: curl -u username sftp://example.com/etc/issue Get a file from an SSH server using SCP using a private key (not password-protected) to authenticate: curl -u username: --key ~/.ssh/id_rsa \ scp://example.com/~/file.txt Get a file from an SSH server using SCP using a private key (password-protected) to authenticate: curl -u username: --key ~/.ssh/id_rsa --pass private_key_password \ scp://example.com/~/file.txt Get the main page from an IPv6 web server: curl "http://[2001:1890:1112:1::20]/" Get a file from an SMB server: curl -u "domain\username:passwd" smb://server.example.com/share/file.txt DOWNLOAD TO A FILE Get a web page and store in a local file with a specific name: curl -o thatpage.html http://www.netscape.com/ Get a web page and store in a local file, make the local file get the name of the remote document (if no file name part is specified in the URL, this will fail): curl -O http://www.netscape.com/index.html Fetch two files and store them with their remote names: curl -O www.haxx.se/index.html -O curl.haxx.se/download.html USING PASSWORDS FTP To ftp files using name+passwd, include them in the URL like: curl ftp://name:passwd@machine.domain:port/full/path/to/file or specify them with the -u flag like curl -u name:passwd ftp://machine.domain:port/full/path/to/file FTPS It is just like for FTP, but you may also want to specify and use SSL-specific options for certificates etc. Note that using FTPS:// as prefix is the "implicit" way as described in the standards while the recommended "explicit" way is done by using FTP:// and the --ftp-ssl option. SFTP / SCP This is similar to FTP, but you can use the --key option to specify a private key to use instead of a password. Note that the private key may itself be protected by a password that is unrelated to the login password of the remote system; this password is specified using the --pass option. Typically, curl will automatically extract the public key from the private key file, but in cases where curl does not have the proper library support, a matching public key file must be specified using the --pubkey option. HTTP Curl also supports user and password in HTTP URLs, thus you can pick a file like: curl http://name:passwd@machine.domain/full/path/to/file or specify user and password separately like in curl -u name:passwd http://machine.domain/full/path/to/file HTTP offers many different methods of authentication and curl supports several: Basic, Digest, NTLM and Negotiate (SPNEGO). Without telling which method to use, curl defaults to Basic. You can also ask curl to pick the most secure ones out of the ones that the server accepts for the given URL, by using --anyauth. NOTE! According to the URL specification, HTTP URLs can not contain a user and password, so that style will not work when using curl via a proxy, even though curl allows it at other times. When using a proxy, you _must_ use the -u style for user and password. HTTPS Probably most commonly used with private certificates, as explained below. PROXY curl supports both HTTP and SOCKS proxy servers, with optional authentication. It does not have special support for FTP proxy servers since there are no standards for those, but it can still be made to work with many of them. You can also use both HTTP and SOCKS proxies to transfer files to and from FTP servers. Get an ftp file using an HTTP proxy named my-proxy that uses port 888: curl -x my-proxy:888 ftp://ftp.leachsite.com/README Get a file from an HTTP server that requires user and password, using the same proxy as above: curl -u user:passwd -x my-proxy:888 http://www.get.this/ Some proxies require special authentication. Specify by using -U as above: curl -U user:passwd -x my-proxy:888 http://www.get.this/ A comma-separated list of hosts and domains which do not use the proxy can be specified as: curl --noproxy localhost,get.this -x my-proxy:888 http://www.get.this/ If the proxy is specified with --proxy1.0 instead of --proxy or -x, then curl will use HTTP/1.0 instead of HTTP/1.1 for any CONNECT attempts. curl also supports SOCKS4 and SOCKS5 proxies with --socks4 and --socks5. See also the environment variables Curl supports that offer further proxy control. Most FTP proxy servers are set up to appear as a normal FTP server from the client's perspective, with special commands to select the remote FTP server. curl supports the -u, -Q and --ftp-account options that can be used to set up transfers through many FTP proxies. For example, a file can be uploaded to a remote FTP server using a Blue Coat FTP proxy with the options: curl -u "Remote-FTP-Username@remote.ftp.server Proxy-Username:Remote-Pass" \ --ftp-account Proxy-Password --upload-file local-file \ ftp://my-ftp.proxy.server:21/remote/upload/path/ See the manual for your FTP proxy to determine the form it expects to set up transfers, and curl's -v option to see exactly what curl is sending. RANGES HTTP 1.1 introduced byte-ranges. Using this, a client can request to get only one or more subparts of a specified document. Curl supports this with the -r flag. Get the first 100 bytes of a document: curl -r 0-99 http://www.get.this/ Get the last 500 bytes of a document: curl -r -500 http://www.get.this/ Curl also supports simple ranges for FTP files as well. Then you can only specify start and stop position. Get the first 100 bytes of a document using FTP: curl -r 0-99 ftp://www.get.this/README UPLOADING FTP / FTPS / SFTP / SCP Upload all data on stdin to a specified server: curl -T - ftp://ftp.upload.com/myfile Upload data from a specified file, login with user and password: curl -T uploadfile -u user:passwd ftp://ftp.upload.com/myfile Upload a local file to the remote site, and use the local file name at the remote site too: curl -T uploadfile -u user:passwd ftp://ftp.upload.com/ Upload a local file to get appended to the remote file: curl -T localfile -a ftp://ftp.upload.com/remotefile Curl also supports ftp upload through a proxy, but only if the proxy is configured to allow that kind of tunneling. If it does, you can run curl in a fashion similar to: curl --proxytunnel -x proxy:port -T localfile ftp.upload.com SMB / SMBS curl -T file.txt -u "domain\username:passwd" smb://server.example.com/share/ HTTP Upload all data on stdin to a specified HTTP site: curl -T - http://www.upload.com/myfile Note that the HTTP server must have been configured to accept PUT before this can be done successfully. For other ways to do HTTP data upload, see the POST section below. VERBOSE / DEBUG If curl fails where it isn't supposed to, if the servers don't let you in, if you can't understand the responses: use the -v flag to get verbose fetching. Curl will output lots of info and what it sends and receives in order to let the user see all client-server interaction (but it won't show you the actual data). curl -v ftp://ftp.upload.com/ To get even more details and information on what curl does, try using the --trace or --trace-ascii options with a given file name to log to, like this: curl --trace trace.txt www.haxx.se DETAILED INFORMATION Different protocols provide different ways of getting detailed information about specific files/documents. To get curl to show detailed information about a single file, you should use -I/--head option. It displays all available info on a single file for HTTP and FTP. The HTTP information is a lot more extensive. For HTTP, you can get the header information (the same as -I would show) shown before the data by using -i/--include. Curl understands the -D/--dump-header option when getting files from both FTP and HTTP, and it will then store the headers in the specified file. Store the HTTP headers in a separate file (headers.txt in the example): curl --dump-header headers.txt curl.haxx.se Note that headers stored in a separate file can be very useful at a later time if you want curl to use cookies sent by the server. More about that in the cookies section. POST (HTTP) It's easy to post data using curl. This is done using the -d <data> option. The post data must be urlencoded. Post a simple "name" and "phone" guestbook. curl -d "name=Rafael%20Sagula&phone=3320780" \ http://www.where.com/guest.cgi How to post a form with curl, lesson #1: Dig out all the <input> tags in the form that you want to fill in. (There's a perl program called formfind.pl on the curl site that helps with this). If there's a "normal" post, you use -d to post. -d takes a full "post string", which is in the format <variable1>=<data1>&<variable2>=<data2>&... The 'variable' names are the names set with "name=" in the <input> tags, and the data is the contents you want to fill in for the inputs. The data *must* be properly URL encoded. That means you replace space with + and that you replace weird letters with %XX where XX is the hexadecimal representation of the letter's ASCII code. Example: (page located at http://www.formpost.com/getthis/ <form action="post.cgi" method="post"> <input name=user size=10> <input name=pass type=password size=10> <input name=id type=hidden value="blablabla"> <input name=ding value="submit"> </form> We want to enter user 'foobar' with password '12345'. To post to this, you enter a curl command line like: curl -d "user=foobar&pass=12345&id=blablabla&ding=submit" (continues) http://www.formpost.com/getthis/post.cgi While -d uses the application/x-www-form-urlencoded mime-type, generally understood by CGI's and similar, curl also supports the more capable multipart/form-data type. This latter type supports things like file upload. -F accepts parameters like -F "name=contents". If you want the contents to be read from a file, use <@filename> as contents. When specifying a file, you can also specify the file content type by appending ';type=<mime type>' to the file name. You can also post the contents of several files in one field. For example, the field name 'coolfiles' is used to send three files, with different content types using the following syntax: curl -F "coolfiles=@fil1.gif;type=image/gif,fil2.txt,fil3.html" \ http://www.post.com/postit.cgi If the content-type is not specified, curl will try to guess from the file extension (it only knows a few), or use the previously specified type (from an earlier file if several files are specified in a list) or else it will use the default type 'application/octet-stream'. Emulate a fill-in form with -F. Let's say you fill in three fields in a form. One field is a file name which to post, one field is your name and one field is a file description. We want to post the file we have written named "cooltext.txt". To let curl do the posting of this data instead of your favourite browser, you have to read the HTML source of the form page and find the names of the input fields. In our example, the input field names are 'file', 'yourname' and 'filedescription'. curl -F "file=@cooltext.txt" -F "yourname=Daniel" \ -F "filedescription=Cool text file with cool text inside" \ http://www.post.com/postit.cgi To send two files in one post you can do it in two ways: 1. Send multiple files in a single "field" with a single field name: curl -F "pictures=@dog.gif,cat.gif" 2. Send two fields with two field names: curl -F "docpicture=@dog.gif" -F "catpicture=@cat.gif" To send a field value literally without interpreting a leading '@' or '<', or an embedded ';type=', use --form-string instead of -F. This is recommended when the value is obtained from a user or some other unpredictable source. Under these circumstances, using -F instead of --form-string would allow a user to trick curl into uploading a file. REFERRER An HTTP request has the option to include information about which address referred it to the actual page. Curl allows you to specify the referrer to be used on the command line. It is especially useful to fool or trick stupid servers or CGI scripts that rely on that information being available or contain certain data. curl -e www.coolsite.com http://www.showme.com/ NOTE: The Referer: [sic] field is defined in the HTTP spec to be a full URL. USER AGENT An HTTP request has the option to include information about the browser that generated the request. Curl allows it to be specified on the command line. It is especially useful to fool or trick stupid servers or CGI scripts that only accept certain browsers. Example: curl -A 'Mozilla/3.0 (Win95; I)' http://www.nationsbank.com/ Other common strings: 'Mozilla/3.0 (Win95; I)' Netscape Version 3 for Windows 95 'Mozilla/3.04 (Win95; U)' Netscape Version 3 for Windows 95 'Mozilla/2.02 (OS/2; U)' Netscape Version 2 for OS/2 'Mozilla/4.04 [en] (X11; U; AIX 4.2; Nav)' NS for AIX 'Mozilla/4.05 [en] (X11; U; Linux 2.0.32 i586)' NS for Linux Note that Internet Explorer tries hard to be compatible in every way: 'Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)' MSIE for W95 Mozilla is not the only possible User-Agent name: 'Konqueror/1.0' KDE File Manager desktop client 'Lynx/2.7.1 libwww-FM/2.14' Lynx command line browser COOKIES Cookies are generally used by web servers to keep state information at the client's side. The server sets cookies by sending a response line in the headers that looks like 'Set-Cookie: <data>' where the data part then typically contains a set of NAME=VALUE pairs (separated by semicolons ';' like "NAME1=VALUE1; NAME2=VALUE2;"). The server can also specify for what path the "cookie" should be used for (by specifying "path=value"), when the cookie should expire ("expire=DATE"), for what domain to use it ("domain=NAME") and if it should be used on secure connections only ("secure"). If you've received a page from a server that contains a header like: Set-Cookie: sessionid=boo123; path="/foo"; it means the server wants that first pair passed on when we get anything in a path beginning with "/foo". Example, get a page that wants my name passed in a cookie: curl -b "name=Daniel" www.sillypage.com Curl also has the ability to use previously received cookies in following sessions. If you get cookies from a server and store them in a file in a manner similar to: curl --dump-header headers www.example.com ... you can then in a second connect to that (or another) site, use the cookies from the 'headers' file like: curl -b headers www.example.com While saving headers to a file is a working way to store cookies, it is however error-prone and not the preferred way to do this. Instead, make curl save the incoming cookies using the well-known netscape cookie format like this: curl -c cookies.txt www.example.com Note that by specifying -b you enable the "cookie awareness" and with -L you can make curl follow a location: (which often is used in combination with cookies). So that if a site sends cookies and a location, you can use a non-existing file to trigger the cookie awareness like: curl -L -b empty.txt www.example.com The file to read cookies from must be formatted using plain HTTP headers OR as netscape's cookie file. Curl will determine what kind it is based on the file contents. In the above command, curl will parse the header and store the cookies received from www.example.com. curl will send to the server the stored cookies which match the request as it follows the location. The file "empty.txt" may be a nonexistent file. To read and write cookies from a netscape cookie file, you can set both -b and -c to use the same file: curl -b cookies.txt -c cookies.txt www.example.com PROGRESS METER The progress meter exists to show a user that something actually is happening. The different fields in the output have the following meaning: % Total % Received % Xferd Average Speed Time Curr. Dload Upload Total Current Left Speed 0 151M 0 38608 0 0 9406 0 4:41:43 0:00:04 4:41:39 9287 From left-to-right: % - percentage completed of the whole transfer Total - total size of the whole expected transfer % - percentage completed of the download Received - currently downloaded amount of bytes % - percentage completed of the upload Xferd - currently uploaded amount of bytes Average Speed Dload - the average transfer speed of the download Average Speed Upload - the average transfer speed of the upload Time Total - expected time to complete the operation Time Current - time passed since the invoke Time Left - expected time left to completion Curr.Speed - the average transfer speed the last 5 seconds (the first 5 seconds of a transfer is based on less time of course.) The -# option will display a totally different progress bar that doesn't need much explanation! SPEED LIMIT Curl allows the user to set the transfer speed conditions that must be met to let the transfer keep going. By using the switch -y and -Y you can make curl abort transfers if the transfer speed is below the specified lowest limit for a specified time. To have curl abort the download if the speed is slower than 3000 bytes per second for 1 minute, run: curl -Y 3000 -y 60 www.far-away-site.com This can very well be used in combination with the overall time limit, so that the above operation must be completed in whole within 30 minutes: curl -m 1800 -Y 3000 -y 60 www.far-away-site.com Forcing curl not to transfer data faster than a given rate is also possible, which might be useful if you're using a limited bandwidth connection and you don't want your transfer to use all of it (sometimes referred to as "bandwidth throttle"). Make curl transfer data no faster than 10 kilobytes per second: curl --limit-rate 10K www.far-away-site.com or curl --limit-rate 10240 www.far-away-site.com Or prevent curl from uploading data faster than 1 megabyte per second: curl -T upload --limit-rate 1M ftp://uploadshereplease.com When using the --limit-rate option, the transfer rate is regulated on a per-second basis, which will cause the total transfer speed to become lower than the given number. Sometimes of course substantially lower, if your transfer stalls during periods. CONFIG FILE Curl automatically tries to read the .curlrc file (or _curlrc file on win32 systems) from the user's home dir on startup. The config file could be made up with normal command line switches, but you can also specify the long options without the dashes to make it more readable. You can separate the options and the parameter with spaces, or with = or :. Comments can be used within the file. If the first letter on a line is a '#'-symbol the rest of the line is treated as a comment. If you want the parameter to contain spaces, you must enclose the entire parameter within double quotes ("). Within those quotes, you specify a quote as \". NOTE: You must specify options and their arguments on the same line. Example, set default time out and proxy in a config file: # We want a 30 minute timeout: -m 1800 # ... and we use a proxy for all accesses: proxy = proxy.our.domain.com:8080 White spaces ARE significant at the end of lines, but all white spaces leading up to the first characters of each line are ignored. Prevent curl from reading the default file by using -q as the first command line parameter, like: curl -q www.thatsite.com Force curl to get and display a local help page in case it is invoked without URL by making a config file similar to: # default url to get url = "http://help.with.curl.com/curlhelp.html" You can specify another config file to be read by using the -K/--config flag. If you set config file name to "-" it'll read the config from stdin, which can be handy if you want to hide options from being visible in process tables etc: echo "user = user:passwd" | curl -K - http://that.secret.site.com EXTRA HEADERS When using curl in your own very special programs, you may end up needing to pass on your own custom headers when getting a web page. You can do this by using the -H flag. Example, send the header "X-you-and-me: yes" to the server when getting a page: curl -H "X-you-and-me: yes" www.love.com This can also be useful in case you want curl to send a different text in a header than it normally does. The -H header you specify then replaces the header curl would normally send. If you replace an internal header with an empty one, you prevent that header from being sent. To prevent the Host: header from being used: curl -H "Host:" www.server.com FTP and PATH NAMES Do note that when getting files with the ftp:// URL, the given path is relative the directory you enter. To get the file 'README' from your home directory at your ftp site, do: curl ftp://user:passwd@my.site.com/README But if you want the README file from the root directory of that very same site, you need to specify the absolute file name: curl ftp://user:passwd@my.site.com//README (I.e with an extra slash in front of the file name.) SFTP and SCP and PATH NAMES With sftp: and scp: URLs, the path name given is the absolute name on the server. To access a file relative to the remote user's home directory, prefix the file with /~/ , such as: curl -u $USER sftp://home.example.com/~/.bashrc FTP and firewalls The FTP protocol requires one of the involved parties to open a second connection as soon as data is about to get transferred. There are two ways to do this. The default way for curl is to issue the PASV command which causes the server to open another port and await another connection performed by the client. This is good if the client is behind a firewall that doesn't allow incoming connections. curl ftp.download.com If the server, for example, is behind a firewall that doesn't allow connections on ports other than 21 (or if it just doesn't support the PASV command), the other way to do it is to use the PORT command and instruct the server to connect to the client on the given IP number and port (as parameters to the PORT command). The -P flag to curl supports a few different options. Your machine may have several IP-addresses and/or network interfaces and curl allows you to select which of them to use. Default address can also be used: curl -P - ftp.download.com Download with PORT but use the IP address of our 'le0' interface (this does not work on windows): curl -P le0 ftp.download.com Download with PORT but use 192.168.0.10 as our IP address to use: curl -P 192.168.0.10 ftp.download.com NETWORK INTERFACE Get a web page from a server using a specified port for the interface: curl --interface eth0:1 http://www.netscape.com/ or curl --interface 192.168.1.10 http://www.netscape.com/ HTTPS Secure HTTP requires SSL libraries to be installed and used when curl is built. If that is done, curl is capable of retrieving and posting documents using the HTTPS protocol. Example: curl https://www.secure-site.com Curl is also capable of using your personal certificates to get/post files from sites that require valid certificates. The only drawback is that the certificate needs to be in PEM-format. PEM is a standard and open format to store certificates with, but it is not used by the most commonly used browsers (Netscape and MSIE both use the so called PKCS#12 format). If you want curl to use the certificates you use with your (favourite) browser, you may need to download/compile a converter that can convert your browser's formatted certificates to PEM formatted ones. This kind of converter is included in recent versions of OpenSSL, and for older versions Dr Stephen N. Henson has written a patch for SSLeay that adds this functionality. You can get his patch (that requires an SSLeay installation) from his site at: http://www.drh-consultancy.demon.co.uk/ Example on how to automatically retrieve a document using a certificate with a personal password: curl -E /path/to/cert.pem:password https://secure.site.com/ If you neglect to specify the password on the command line, you will be prompted for the correct password before any data can be received. Many older SSL-servers have problems with SSLv3 or TLS, which newer versions of OpenSSL etc use, therefore it is sometimes useful to specify what SSL-version curl should use. Use -3, -2 or -1 to specify that exact SSL version to use (for SSLv3, SSLv2 or TLSv1 respectively): curl -2 https://secure.site.com/ Otherwise, curl will first attempt to use v3 and then v2. To use OpenSSL to convert your favourite browser's certificate into a PEM formatted one that curl can use, do something like this: In Netscape, you start with hitting the 'Security' menu button. Select 'certificates->yours' and then pick a certificate in the list Press the 'Export' button enter your PIN code for the certs select a proper place to save it Run the 'openssl' application to convert the certificate. If you cd to the openssl installation, you can do it like: # ./apps/openssl pkcs12 -in [file you saved] -clcerts -out [PEMfile] In Firefox, select Options, then Advanced, then the Encryption tab, View Certificates. This opens the Certificate Manager, where you can Export. Be sure to select PEM for the Save as type. In Internet Explorer, select Internet Options, then the Content tab, then Certificates. Then you can Export, and depending on the format you may need to convert to PEM. In Chrome, select Settings, then Show Advanced Settings. Under HTTPS/SSL select Manage Certificates. RESUMING FILE TRANSFERS To continue a file transfer where it was previously aborted, curl supports resume on HTTP(S) downloads as well as FTP uploads and downloads. Continue downloading a document: curl -C - -o file ftp://ftp.server.com/path/file Continue uploading a document(*1): curl -C - -T file ftp://ftp.server.com/path/file Continue downloading a document from a web server(*2): curl -C - -o file http://www.server.com/ (*1) = This requires that the FTP server supports the non-standard command SIZE. If it doesn't, curl will say so. (*2) = This requires that the web server supports at least HTTP/1.1. If it doesn't, curl will say so. TIME CONDITIONS HTTP allows a client to specify a time condition for the document it requests. It is If-Modified-Since or If-Unmodified-Since. Curl allows you to specify them with the -z/--time-cond flag. For example, you can easily make a download that only gets performed if the remote file is newer than a local copy. It would be made like: curl -z local.html http://remote.server.com/remote.html Or you can download a file only if the local file is newer than the remote one. Do this by prepending the date string with a '-', as in: curl -z -local.html http://remote.server.com/remote.html You can specify a "free text" date as condition. Tell curl to only download the file if it was updated since January 12, 2012: curl -z "Jan 12 2012" http://remote.server.com/remote.html Curl will then accept a wide range of date formats. You always make the date check the other way around by prepending it with a dash '-'. DICT For fun try curl dict://dict.org/m:curl curl dict://dict.org/d:heisenbug:jargon curl dict://dict.org/d:daniel:web1913 Aliases for 'm' are 'match' and 'find', and aliases for 'd' are 'define' and 'lookup'. For example, curl dict://dict.org/find:curl Commands that break the URL description of the RFC (but not the DICT protocol) are curl dict://dict.org/show:db curl dict://dict.org/show:strat Authentication is still missing (but this is not required by the RFC) LDAP If you have installed the OpenLDAP library, curl can take advantage of it and offer ldap:// support. LDAP is a complex thing and writing an LDAP query is not an easy task. I do advise you to dig up the syntax description for that elsewhere. One such place might be: RFC 2255, "The LDAP URL Format" https://curl.haxx.se/rfc/rfc2255.txt To show you an example, this is how I can get all people from my local LDAP server that has a certain sub-domain in their email address: curl -B "ldap://ldap.frontec.se/o=frontec??sub?mail=*sth.frontec.se" If I want the same info in HTML format, I can get it by not using the -B (enforce ASCII) flag. ENVIRONMENT VARIABLES Curl reads and understands the following environment variables: http_proxy, HTTPS_PROXY, FTP_PROXY They should be set for protocol-specific proxies. General proxy should be set with ALL_PROXY A comma-separated list of host names that shouldn't go through any proxy is set in (only an asterisk, '*' matches all hosts) NO_PROXY If the host name matches one of these strings, or the host is within the domain of one of these strings, transactions with that node will not be proxied. The usage of the -x/--proxy flag overrides the environment variables. NETRC Unix introduced the .netrc concept a long time ago. It is a way for a user to specify name and password for commonly visited FTP sites in a file so that you don't have to type them in each time you visit those sites. You realize this is a big security risk if someone else gets hold of your passwords, so therefore most unix programs won't read this file unless it is only readable by yourself (curl doesn't care though). Curl supports .netrc files if told to (using the -n/--netrc and --netrc-optional options). This is not restricted to just FTP, so curl can use it for all protocols where authentication is used. A very simple .netrc file could look something like: machine curl.haxx.se login iamdaniel password mysecret CUSTOM OUTPUT To better allow script programmers to get to know about the progress of curl, the -w/--write-out option was introduced. Using this, you can specify what information from the previous transfer you want to extract. To display the amount of bytes downloaded together with some text and an ending newline: curl -w 'We downloaded %{size_download} bytes\n' www.download.com KERBEROS FTP TRANSFER Curl supports kerberos4 and kerberos5/GSSAPI for FTP transfers. You need the kerberos package installed and used at curl build time for it to be available. First, get the krb-ticket the normal way, like with the kinit/kauth tool. Then use curl in way similar to: curl --krb private ftp://krb4site.com -u username:fakepwd There's no use for a password on the -u switch, but a blank one will make curl ask for one and you already entered the real password to kinit/kauth. TELNET The curl telnet support is basic and very easy to use. Curl passes all data passed to it on stdin to the remote server. Connect to a remote telnet server using a command line similar to: curl telnet://remote.server.com And enter the data to pass to the server on stdin. The result will be sent to stdout or to the file you specify with -o. You might want the -N/--no-buffer option to switch off the buffered output for slow connections or similar. Pass options to the telnet protocol negotiation, by using the -t option. To tell the server we use a vt100 terminal, try something like: curl -tTTYPE=vt100 telnet://remote.server.com Other interesting options for it -t include: - XDISPLOC=<X display> Sets the X display location. - NEW_ENV=<var,val> Sets an environment variable. NOTE: The telnet protocol does not specify any way to login with a specified user and password so curl can't do that automatically. To do that, you need to track when the login prompt is received and send the username and password accordingly. PERSISTENT CONNECTIONS Specifying multiple files on a single command line will make curl transfer all of them, one after the other in the specified order. libcurl will attempt to use persistent connections for the transfers so that the second transfer to the same host can use the same connection that was already initiated and was left open in the previous transfer. This greatly decreases connection time for all but the first transfer and it makes a far better use of the network. Note that curl cannot use persistent connections for transfers that are used in subsequence curl invokes. Try to stuff as many URLs as possible on the same command line if they are using the same host, as that'll make the transfers faster. If you use an HTTP proxy for file transfers, practically all transfers will be persistent. MULTIPLE TRANSFERS WITH A SINGLE COMMAND LINE As is mentioned above, you can download multiple files with one command line by simply adding more URLs. If you want those to get saved to a local file instead of just printed to stdout, you need to add one save option for each URL you specify. Note that this also goes for the -O option (but not --remote-name-all). For example: get two files and use -O for the first and a custom file name for the second: curl -O http://url.com/file.txt ftp://ftp.com/moo.exe -o moo.jpg You can also upload multiple files in a similar fashion: curl -T local1 ftp://ftp.com/moo.exe -T local2 ftp://ftp.com/moo2.txt IPv6 curl will connect to a server with IPv6 when a host lookup returns an IPv6 address and fall back to IPv4 if the connection fails. The --ipv4 and --ipv6 options can specify which address to use when both are available. IPv6 addresses can also be specified directly in URLs using the syntax: http://[2001:1890:1112:1::20]/overview.html When this style is used, the -g option must be given to stop curl from interpreting the square brackets as special globbing characters. Link local and site local addresses including a scope identifier, such as fe80::1234%1, may also be used, but the scope portion must be numeric or match an existing network interface on Linux and the percent character must be URL escaped. The previous example in an SFTP URL might look like: sftp://[fe80::1234%251]/ IPv6 addresses provided other than in URLs (e.g. to the --proxy, --interface or --ftp-port options) should not be URL encoded. METALINK Curl supports Metalink (both version 3 and 4 (RFC 5854) are supported), a way to list multiple URIs and hashes for a file. Curl will make use of the mirrors listed within for failover if there are errors (such as the file or server not being available). It will also verify the hash of the file after the download completes. The Metalink file itself is downloaded and processed in memory and not stored in the local file system. Example to use a remote Metalink file: curl --metalink http://www.example.com/example.metalink To use a Metalink file in the local file system, use FILE protocol (file://): curl --metalink file://example.metalink Please note that if FILE protocol is disabled, there is no way to use a local Metalink file at the time of this writing. Also note that if --metalink and --include are used together, --include will be ignored. This is because including headers in the response will break Metalink parser and if the headers are included in the file described in Metalink file, hash check will fail. MAILING LISTS For your convenience, we have several open mailing lists to discuss curl, its development and things relevant to this. Get all info at https://curl.haxx.se/mail/. Some of the lists available are: curl-users Users of the command line tool. How to use it, what doesn't work, new features, related tools, questions, news, installations, compilations, running, porting etc. curl-library Developers using or developing libcurl. Bugs, extensions, improvements. curl-announce Low-traffic. Only receives announcements of new public versions. At worst, that makes something like one or two mails per month, but usually only one mail every second month. curl-and-php Using the curl functions in PHP. Everything curl with a PHP angle. Or PHP with a curl angle. curl-and-python Python hackers using curl with or without the python binding pycurl. Please direct curl questions, feature requests and trouble reports to one of these mailing lists instead of mailing any individual. |
Added scriptlibs/softwareupdate/curl/docs/RELEASE-PROCEDURE.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 | curl release procedure - how to do a release ============================================ in the source code repo ----------------------- - edit `RELEASE-NOTES` to be accurate - update `docs/THANKS` - make sure all relevant changes are committed on the master branch - tag the git repo in this style: `git tag -a curl-7_34_0`. -a annotates the tag and we use underscores instead of dots in the version number. - run "./maketgz 7.34.0" to build the release tarballs. It is important that you run this on a machine with the correct set of autotools etc installed as this is what then will be shipped and used by most users on *nix like systems. - push the git commits and the new tag - gpg sign the 4 tarballs as maketgz suggests - upload the 8 resulting files to the primary download directory in the curl-www repo -------------------- - edit `Makefile` (version number and date), - edit `_newslog.html` (announce the new release) and - edit `_changes.html` (insert changes+bugfixes from RELEASE-NOTES) - commit all local changes - tag the repo with the same tag as used for the source repo - make sure all relevant changes are committed and pushed on the master branch (the web site then updates its contents automatically) on github --------- - edit the newly made release tag so that it is listed as the latest release inform ------ - send an email to curl-users, curl-announce and curl-library. Insert the RELEASE-NOTES into the mail. celebrate --------- - suitable beverage intake is encouraged for the festivities curl release scheduling ======================= Basics ------ We do releases every 8 weeks on Wednesdays. If critical problems arise, we can insert releases outside of the schedule or we can move the release date - but this is very rare. Each 8 week release cycle is split in two 4-week periods. - During the first 4 weeks after a release, we allow new features and changes to curl and libcurl. If we accept any such changes, we bump the minor number used for the next release. - During the second 4-week period we do not merge any features or changes, we then only focus on fixing bugs and polishing things to make a solid coming release. Coming dates ------------ Based on the description above, here are some planned release dates (at the time of this writing): - February 22, 2017 (version 7.53.0) - April 19, 2017 - June 14, 2017 - August 9, 2017 - October 4, 2017 - December 29, 2017 |
Added scriptlibs/softwareupdate/curl/docs/RESOURCES.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 | _ _ ____ _ Project ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| This document lists documents and standards used by curl. RFC 959 - The FTP protocol RFC 1635 - How to Use Anonymous FTP RFC 1738 - Uniform Resource Locators RFC 1777 - defines the LDAP protocol RFC 1808 - Relative Uniform Resource Locators RFC 1867 - Form-based File Upload in HTML RFC 1950 - ZLIB Compressed Data Format Specification RFC 1951 - DEFLATE Compressed Data Format Specification RFC 1952 - gzip compression format RFC 1959 - LDAP URL syntax RFC 2045-2049 - Everything you need to know about MIME! (needed for form based upload) RFC 2068 - HTTP 1.1 (obsoleted by RFC 2616) RFC 2104 - Keyed-Hashing for Message Authentication RFC 2109 - HTTP State Management Mechanism (cookie stuff) - Also, read Netscape's specification at https://curl.haxx.se/rfc/cookie_spec.html RFC 2183 - The Content-Disposition Header Field RFC 2195 - CRAM-MD5 authentication RFC 2229 - A Dictionary Server Protocol RFC 2255 - Newer LDAP URL syntax document. RFC 2231 - MIME Parameter Value and Encoded Word Extensions: Character Sets, Languages, and Continuations RFC 2388 - "Returning Values from Forms: multipart/form-data" Use this as an addition to the RFC1867 RFC 2396 - "Uniform Resource Identifiers: Generic Syntax and Semantics" This one obsoletes RFC 1738, but since RFC 1738 is often mentioned I've left it in this list. RFC 2428 - FTP Extensions for IPv6 and NATs RFC 2577 - FTP Security Considerations RFC 2616 - HTTP 1.1, the latest RFC 2617 - HTTP Authentication RFC 2718 - Guidelines for new URL Schemes RFC 2732 - Format for Literal IPv6 Addresses in URL's RFC 2818 - HTTP Over TLS (TLS is the successor to SSL) RFC 2821 - SMTP protocol RFC 2964 - Use of HTTP State Management RFC 2965 - HTTP State Management Mechanism. Cookies. Obsoletes RFC2109 RFC 3207 - SMTP over TLS RFC 4616 - PLAIN authentication RFC 4954 - SMTP Authentication |
Added scriptlibs/softwareupdate/curl/docs/ROADMAP.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 | curl the next few years - perhaps ================================= Roadmap of things Daniel Stenberg and Steve Holme want to work on next. It is intended to serve as a guideline for others for information, feedback and possible participation. QUIC ---- The standardization process of QUIC has been taken to the IETF and can be followed on the [IETF QUIC Mailing list](https://www.ietf.org/mailman/listinfo/quic). I'd like us to get on the bandwagon. Ideally, this would be done with a separate library/project to handle the binary/framing layer in a similar fashion to how HTTP/2 is implemented. This, to allow other projects to benefit from the work and to thus broaden the interest and chance of others to participate. HTTP cookies ------------ Two cookie drafts have been adopted by the httpwg in IETF and we should support them as the popular browsers will as well: [Deprecate modification of 'secure' cookies from non-secure origins](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-00) [Cookie Prefixes](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00) [Firefox bug report about secure cookies](https://bugzilla.mozilla.org/show_bug.cgi?id=976073) SRV records ----------- How to find services for specific domains/hosts. curl_formadd() -------------- make sure there's an easy handle passed in to `curl_formadd()`, `curl_formget()` and `curl_formfree()` by adding replacement functions and deprecating the old ones to allow custom mallocs and more. Or perhaps even better: revamp the formpost API completely while we're at it and making something that is easier to use and understand: https://github.com/curl/curl/wiki/formpost-API-redesigned Third-party SASL ---------------- Add support for third-party SASL libraries such as Cyrus SASL. SASL authentication in LDAP --------------------------- ... Simplify the SMTP email ----------------------- Simplify the SMTP email interface so that programmers don't have to construct the body of an email that contains all the headers, alternative content, images and attachments - maintain raw interface so that programmers that want to do this can email capabilities ------------------ Allow the email protocols to return the capabilities before authenticating. This will allow an application to decide on the best authentication mechanism Win32 pthreads -------------- Allow Windows threading model to be replaced by Win32 pthreads port dynamic buffer size ------------------- Implement a dynamic buffer size to allow SFTP to use much larger buffers and possibly allow the size to be customizable by applications. Use less memory when handles are not in use? New stuff - curl ---------------- 1. Embed a language interpreter (lua?). For that middle ground where curl isn’t enough and a libcurl binding feels “too much”. Build-time conditional of course. 2. Simplify the SMTP command line so that the headers and multi-part content don't have to be constructed before calling curl Improve ------- 1. build for windows (considered hard by many users) 2. curl -h output (considered overwhelming to users) 3. we have > 200 command line options, is there a way to redo things to simplify or improve the situation as we are likely to keep adding features/options in the future too 4. authentication framework (consider merging HTTP and SASL authentication to give one API for protocols to call) 5. Perform some of the clean up from the TODO document, removing old definitions and such like that are currently earmarked to be removed years ago Remove ------ 1. makefile.vc files as there is no point in maintaining two sets of Windows makefiles. Note: These are currently being used by the Windows autobuilds |
Added scriptlibs/softwareupdate/curl/docs/SECURITY.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 | curl security for developers ============================ This document is intended to provide guidance to curl developers on how security vulnerabilities should be handled. Publishing Information ---------------------- All known and public curl or libcurl related vulnerabilities are listed on [the curl web site security page](https://curl.haxx.se/docs/security.html). Security vulnerabilities should not be entered in the project's public bug tracker unless the necessary configuration is in place to limit access to the issue to only the reporter and the project's security team. Vulnerability Handling ---------------------- The typical process for handling a new security vulnerability is as follows. No information should be made public about a vulnerability until it is formally announced at the end of this process. That means, for example that a bug tracker entry must NOT be created to track the issue since that will make the issue public and it should not be discussed on any of the project's public mailing lists. Also messages associated with any commits should not make any reference to the security nature of the commit if done prior to the public announcement. - The person discovering the issue, the reporter, reports the vulnerability privately to `curl-security@haxx.se`. That's an email alias that reaches a handful of selected and trusted people. - Messages that do not relate to the reporting or managing of an undisclosed security vulnerability in curl or libcurl are ignored and no further action is required. - A person in the security team sends an e-mail to the original reporter to acknowledge the report. - The security team investigates the report and either rejects it or accepts it. - If the report is rejected, the team writes to the reporter to explain why. - If the report is accepted, the team writes to the reporter to let him/her know it is accepted and that they are working on a fix. - The security team discusses the problem, works out a fix, considers the impact of the problem and suggests a release schedule. This discussion should involve the reporter as much as possible. - The release of the information should be "as soon as possible" and is most often synced with an upcoming release that contains the fix. If the reporter, or anyone else, thinks the next planned release is too far away then a separate earlier release for security reasons should be considered. - Write a security advisory draft about the problem that explains what the problem is, its impact, which versions it affects, solutions or workarounds, when the release is out and make sure to credit all contributors properly. - Request a CVE number from [distros@openwall](http://oss-security.openwall.org/wiki/mailing-lists/distros) when also informing and preparing them for the upcoming public security vulnerability announcement - attach the advisory draft for information. Note that 'distros' won't accept an embargo longer than 19 days and they do not care for Windows-specific flaws. For windows-specific flaws, request CVE directly from MITRE. - Update the "security advisory" with the CVE number. - The security team commits the fix in a private branch. The commit message should ideally contain the CVE number. This fix is usually also distributed to the 'distros' mailing list to allow them to use the fix prior to the public announcement. - No more than 48 hours before the release, the private branch is merged into the master branch and pushed. Once pushed, the information is accessible to the public and the actual release should follow suit immediately afterwards. The time between the push and the release is used for final tests and reviews. - The project team creates a release that includes the fix. - The project team announces the release and the vulnerability to the world in the same manner we always announce releases. It gets sent to the curl-announce, curl-library and curl-users mailing lists. - The security web page on the web site should get the new vulnerability mentioned. Pre-notification ---------------- If you think you are or should be eligible for a pre-notification about upcoming security announcements for curl, we urge OS distros and similar vendors to primarily join the distros@openwall list as that is one of the purposes of that list - and not just for curl of course. If you are not a distro or otherwise not suitable for distros@openwall and yet want pre-notifications from us, contact the curl security team with a detailed and clear explanation why this is the case. curl-security (at haxx dot se) ------------------------------ Who is on this list? There are a couple of criteria you must meet, and then we might ask you to join the list or you can ask to join it. It really isn't very formal. We basically only require that you have a long-term presence in the curl project and you have shown an understanding for the project and its way of working. You must've been around for a good while and you should have no plans in vanishing in the near future. We do not make the list of participants public mostly because it tends to vary somewhat over time and a list somewhere will only risk getting outdated. |
Added scriptlibs/softwareupdate/curl/docs/SSL-PROBLEMS.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| # SSL problems First, let's establish that we often refer to TLS and SSL interchangeably as SSL here. The current protocol is called TLS, it was called SSL a long time ago. There are several known reasons why a connection that involves SSL might fail. This is a document that attempts to details the most common ones and how to mitigate them. ## CA certs CA certs are used to digitally verify the server's certificate. You need a "ca bundle" for this. See lots of more details on this in the SSLCERTS document. ## CA bundle missing intermediate certificates When using said CA bundle to verify a server cert, you will experience problems if your CA cert does not have the certificates for the intermediates in the whole trust chain. ## Protocol version Some broken servers fail to support the protocol negotiation properly that SSL servers are supposed to handle. This may cause the connection to fail completely. Sometimes you may need to explicitly select a SSL version to use when connecting to make the connection succeed. An additional complication can be that modern SSL libraries sometimes are built with support for older SSL and TLS versions disabled! All versions of SSL are considered insecure and should be avoided. Use TLS. ## Ciphers Clients give servers a list of ciphers to select from. If the list doesn't include any ciphers the server wants/can use, the connection handshake fails. curl has recently disabled the user of a whole bunch of seriously insecure ciphers from its default set (slightly depending on SSL backend in use). You may have to explicitly provide an alternative list of ciphers for curl to use to allow the server to use a WEAK cipher for you. Note that these weak ciphers are identified as flawed. For example, this includes symmetric ciphers with less than 128 bit keys and RC4. WinSSL in Windows XP is not able to connect to servers that no longer support the legacy handshakes and algorithms used by those versions, so we advice against building curl to use WinSSL on really old Windows versions. References: https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01 ## Allow BEAST BEAST is the name of a TLS 1.0 attack that surfaced 2011. When adding means to mitigate this attack, it turned out that some broken servers out there in the wild didn't work properly with the BEAST mitigation in place. To make such broken servers work, the --ssl-allow-beast option was introduced. Exactly as it sounds, it re-introduces the BEAST vulnerability but on the other hand it allows curl to connect to that kind of strange servers. ## Disabling certificate revocation checks Some SSL backends may do certificate revocation checks (CRL, OCSP, etc) depending on the OS or build configuration. The --ssl-no-revoke option was introduced in 7.44.0 to disable revocation checking but currently is only supported for WinSSL (the native Windows SSL library), with an exception in the case of Windows' Untrusted Publishers blacklist which it seems can't be bypassed. This option may have broader support to accommodate other SSL backends in the future. References: https://curl.haxx.se/docs/ssl-compared.html |
Added scriptlibs/softwareupdate/curl/docs/SSLCERTS.md.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 | SSL Certificate Verification ============================ SSL is TLS ---------- SSL is the old name. It is called TLS these days. Native SSL ---------- If libcurl was built with Schannel or Secure Transport support (the native SSL libraries included in Windows and Mac OS X), then this does not apply to you. Scroll down for details on how the OS-native engines handle SSL certificates. If you're not sure, then run "curl -V" and read the results. If the version string says "WinSSL" in it, then it was built with Schannel support. It is about trust ----------------- This system is about trust. In your local CA certificate store you have certs from *trusted* Certificate Authorities that you then can use to verify that the server certificates you see are valid. They're signed by one of the CAs you trust. Which CAs do you trust? You can decide to trust the same set of companies your operating system trusts, or the set one of the known browsers trust. That's basically trust via someone else you trust. You should just be aware that modern operating systems and browsers are setup to trust *hundreds* of companies and recent years several such CAs have been found untrustworthy. Certificate Verification ------------------------ libcurl performs peer SSL certificate verification by default. This is done by using a CA certificate store that the SSL library can use to make sure the peer's server certificate is valid. If you communicate with HTTPS, FTPS or other TLS-using servers using certificates that are signed by CAs present in the store, you can be sure that the remote server really is the one it claims to be. If the remote server uses a self-signed certificate, if you don't install a CA cert store, if the server uses a certificate signed by a CA that isn't included in the store you use or if the remote host is an impostor impersonating your favorite site, and you want to transfer files from this server, do one of the following: 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);` With the curl command line tool, you disable this with -k/--insecure. 2. Get a CA certificate that can verify the remote server and use the proper option to point out this CA cert for verification when connecting. For libcurl hackers: `curl_easy_setopt(curl, CURLOPT_CAPATH, capath);` With the curl command line tool: --cacert [file] 3. Add the CA cert for your server to the existing default CA certificate store. The default CA certificate store can changed at compile time with the following configure options: --with-ca-bundle=FILE: use the specified file as CA certificate store. CA certificates need to be concatenated in PEM format into this file. --with-ca-path=PATH: use the specified path as CA certificate store. CA certificates need to be stored as individual PEM files in this directory. You may need to run c_rehash after adding files there. If neither of the two options is specified, configure will try to auto-detect a setting. It's also possible to explicitly not hardcode any default store but rely on the built in default the crypto library may provide instead. You can achieve that by passing both --without-ca-bundle and --without-ca-path to the configure script. If you use Internet Explorer, this is one way to get extract the CA cert for a particular server: - View the certificate by double-clicking the padlock - Find out where the CA certificate is kept (Certificate> Authority Information Access>URL) - Get a copy of the crt file using curl - Convert it from crt to PEM using the openssl tool: openssl x509 -inform DES -in yourdownloaded.crt \ -out outcert.pem -text - Add the 'outcert.pem' to the CA certificate store or use it stand-alone as described below. If you use the 'openssl' tool, this is one way to get extract the CA cert for a particular server: - `openssl s_client -connect xxxxx.com:443 |tee logfile` - type "QUIT", followed by the "ENTER" key - The certificate will have "BEGIN CERTIFICATE" and "END CERTIFICATE" markers. - If you want to see the data in the certificate, you can do: "openssl x509 -inform PEM -in certfile -text -out certdata" where certfile is the cert you extracted from logfile. Look in certdata. - If you want to trust the certificate, you can add it to your CA certificate store or use it stand-alone as described. Just remember that the security is no better than the way you obtained the certificate. 4. If you're using the curl command line tool, you can specify your own CA cert path by setting the environment variable `CURL_CA_BUNDLE` to the path of your choice. If you're using the curl command line tool on Windows, curl will search for a CA cert file named "curl-ca-bundle.crt" in these directories and in this order: 1. application's directory 2. current working directory 3. Windows System directory (e.g. C:\windows\system32) 4. Windows Directory (e.g. C:\windows) 5. all directories along %PATH% 5. Get a better/different/newer CA cert bundle! One option is to extract the one a recent Firefox browser uses by running 'make ca-bundle' in the curl build tree root, or possibly download a version that was generated this way for you: [CA Extract](https://curl.haxx.se/docs/caextract.html) Neglecting to use one of the above methods when dealing with a server using a certificate that isn't signed by one of the certificates in the installed CA certificate store, will cause SSL to report an error ("certificate verify failed") during the handshake and SSL will then refuse further communication with that server. Certificate Verification with NSS --------------------------------- If libcurl was built with NSS support, then depending on the OS distribution, it is probably required to take some additional steps to use the system-wide CA cert db. RedHat ships with an additional module, libnsspem.so, which enables NSS to read the OpenSSL PEM CA bundle. On openSUSE you can install p11-kit-nss-trust which makes NSS use the system wide CA certificate store. NSS also has a new [database format](https://wiki.mozilla.org/NSS_Shared_DB). Starting with version 7.19.7, libcurl automatically adds the 'sql:' prefix to the certdb directory (either the hardcoded default /etc/pki/nssdb or the directory configured with SSL_DIR environment variable). To check which certdb format your distribution provides, examine the default certdb location: /etc/pki/nssdb; the new certdb format can be identified by the filenames cert9.db, key4.db, pkcs11.txt; filenames of older versions are cert8.db, key3.db, secmod.db. Certificate Verification with Schannel and Secure Transport ----------------------------------------------------------- If libcurl was built with Schannel (Microsoft's native TLS engine) or Secure Transport (Apple's native TLS engine) support, then libcurl will still perform peer certificate verification, but instead of using a CA cert bundle, it will use the certificates that are built into the OS. These are the same certificates that appear in the Internet Options control panel (under Windows) or Keychain Access application (under OS X). Any custom security rules for certificates will be honored. Schannel will run CRL checks on certificates unless peer verification is disabled. Secure Transport on iOS will run OCSP checks on certificates unless peer verification is disabled. Secure Transport on OS X will run either OCSP or CRL checks on certificates if those features are enabled, and this behavior can be adjusted in the preferences of Keychain Access. |
Added scriptlibs/softwareupdate/curl/docs/THANKS.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 | This project has been alive for many years. Countless people have provided feedback that have improved curl. Here follows a list of people that have contributed (a-z order). If you have contributed but are missing here, please let us know! "Captain Basil" "Spoon Man" Aaro Koskinen Aaron Oneal Aaron Orenstein Abram Pousada Adam D. Moss Adam Langley Adam Light Adam Piggott Adam Sampson Adam Tkac Adrian Schuur Adriano Meirelles Ajit Dhumale Aki Koskinen Akos Pasztory Akshay Vernekar Alain Danteny Alan Pinstein Albert Chin-A-Young Albert Choy Ale Vesely Alejandro Alvarez Ayllon Aleksandar Milivojevic Aleksey Tulinov Ales Novak Alessandro Ghedini Alessandro Vesely Alex Bligh Alex Chan Alex Fishman Alex Gruz Alex McLellan Alex Neblett Alex Rousskov Alex Suykov Alex Vinnik Alex aka WindEagle Alexander Beedie Alexander Dyagilev Alexander Elgert Alexander Klauer Alexander Kourakos Alexander Krasnostavsky Alexander Lazic Alexander Pepper Alexander Peslyak Alexander Sinditskiy Alexander Traud Alexander Zhuravlev Alexey Borzov Alexey Pesternikov Alexey Simak Alexey Zakhlestin Alexis Carvalho Alexis La Goutte Alfred Gebert Allen Pulsifer Alona Rossen Amol Pattekar Amr Shahin Anatol Belski Anatoli Tubman Anders Bakken Anders Gustafsson Anders Havn Andi Jahja Andre Guibert de Bruet Andre Heinecke Andreas Damm Andreas Faerber Andreas Farber Andreas Malzahn Andreas Ntaflos Andreas Olsson Andreas Rieke Andreas Roth Andreas Schuldei Andreas Streichardt Andreas Wurf Andrei Benea Andrei Cipu Andrei Kurushin Andrei Sedoi Andrej E Baranov Andrew Benham Andrew Biggs Andrew Bushnell Andrew Francis Andrew Fuller Andrew Kurushin Andrew Moise Andrew Robbins Andrew Wansink Andrew de los Reyes Andrey Labunets Andrii Moiseiev Andrés García Andy Cedilnik Andy Serpa Andy Tsouladze Angus Mackay Anthon Pang Anthony Avina Anthony Bryan Anthony G. Basile Antoine Aubert Antoine Calando Anton Bychkov Anton Kalmykov Anton Malov Anton Yabchinskiy Antonio Larrosa Arkadiusz Miskiewicz Armel Asselin Arnaud Compan Arnaud Ebalard Arthur Murray Arve Knudsen Arvid Norberg Ashish Shukla Ask Bjørn Hansen Askar Safin Ates Goral Augustus Saunders Avery Fay Axel Tillequin Balaji Parasuram Balaji Salunke Balint Szilakszi Barry Abrahamson Bart Whiteley Bas Mevissen Ben Boeckel Ben Darnell Ben Greear Ben Madsen Ben Noordhuis Ben Van Hof Ben Winslow Benbuck Nason Benjamin Gerard Benjamin Gilbert Benjamin Johnson Benjamin Kircher Benoit Neil Benoit Sigoure Bernard Leak Bernard Spil Bernhard Reutner-Fischer Bert Huijben Bertrand Demiddelaer Bertrand Simonnet Bill Doyle Bill Egert Bill Hoffman Bill Middlecamp Bill Nagel Bjoern Sikora Bjorn Augustsson Bjorn Reese Björn Stenberg Blaise Potard Bob Relyea Bob Richmond Bob Schader Bogdan Nicula Brad Burdick Brad Fitzpatrick Brad Harder Brad Hards Brad King Brad Spencer Bradford Bruce Brandon Casey Brandon Wang Brendan Jurd Brent Beardsley Brian Akins Brian Chrisman Brian Dessent Brian J. Murrell Brian Prodoehl Brian R Duffy Brian Ulm Brock Noland Bru Rom Bruce Mitchener Bruce Stephens Bruno Thomsen Bruno de Carvalho Bryan Henderson Bryan Kemp Byrial Jensen Cameron Kaiser Cameron MacMinn Camille Moncelier Caolan McNamara Carlo Wood Carsten Lange Casey O'Donnell Catalin Patulea Chad Monroe Chandrakant Bagul Charles Kerr Charles Romestant Chen Prog Chih-Chung Chang Chris "Bob Bob" Chris Araman Chris Combes Chris Conlon Chris Deidun Chris Flerackers Chris Gaukroger Chris Maltby Chris Mumford Chris Smowton Chris Young Christian Fillion Christian Grothoff Christian Heimes Christian Hägele Christian Krause Christian Kurz Christian Robottom Reis Christian Schmitz Christian Stewart Christian Vogt Christian Weisgerber Christophe Demory Christophe Legry Christopher Conroy Christopher Palow Christopher R. Palmer Christopher Stone Chungtsun Li Ciprian Badescu Claes Jakobsson Clarence Gardner Clemens Gruber Clifford Wolf Clint Clayton Cody Jones Cody Mack Colby Ranger Colin Blair Colin Hogben Colin Watson Colm Buckley Constantine Sapuntzakis Cory Benfield Cory Nelson Craig A West Craig Davison Craig Markwardt Cris Bailiff Cristian Rodríguez Curt Bogmine Cyrill Osterwalder Cédric Connes Cédric Deltheil D. Flinkmann Da-Yoon Chung Dag Ekengren Dagobert Michelsen Dambaev Alexander Damian Dixon Damien Adant Damien Vielpeau Dan Becker Dan C Dan Cristian Dan Donahue Dan Fandrich Dan Jacobson Dan Locks Dan McNulty Dan Nelson Dan Petitt Dan Torop Dan Zitter Daniel Black Daniel Cater Daniel Egger Daniel Gustafsson Daniel Hwang Daniel Johnson Daniel Kahn Gillmor Daniel Lee Hwang Daniel Melani Daniel Mentz Daniel Romero Daniel Schauenberg Daniel Seither Daniel Shahaf Daniel Steinberg Daniel Stenberg Daniel Theron Daniel at touchtunes Darryl House Darshan Mody Darío Hereñú Dave Dribin Dave Halbakken Dave Hamilton Dave May Dave Reisner Dave Thompson Dave Vasilevsky Davey Shafik David Bau David Benjamin David Binderman David Blaikie David Byron David Cohen David Eriksson David Houlder David Hull David J Meyer David James David Kalnischkies David Kierznowski David Kimdon David Lang David LeBlanc David McCreedy David Meyer David Odin David Phillips David Rosenstrauch David Ryskalczyk David Schweikert David Shaw David Strauss David Tarendash David Thiel David Walser David Woodhouse David Wright David Yan Dengminwen Denis Feklushkin Dennis Clarke Derek Higgins Detlef Schmier Didier Brisebourg Diego Bes Diego Casorran Dilyan Palauzov Dima Barsky Dima Tisnek Dimitar Boevski Dimitre Dimitrov Dimitrios Siganos Dimitris Sarris Dinar Dirk Eddelbuettel Dirk Manske Dmitri Shubin Dmitriy Sergeyev Dmitry Bartsevich Dmitry Eremin-Solenikov Dmitry Falko Dmitry Kurochkin Dmitry Popov Dmitry Rechkin Dmitry S. Baikov Dolbneff A.V Domenico Andreoli Dominick Meglio Dominik Hölzl Dominique Leuenberger Doug Kaufman Doug Porter Douglas Creager Douglas E. Wegscheid Douglas Kilpatrick Douglas R. Horner Douglas Steinwand Dov Murik Drake Arconis Duane Cathey Duncan Mac-Vicar Prett Dustin Boswell Dusty Mabe Dylan Ellicott Dylan Salisbury Early Ehlinger Ebenezer Ikonne Ed Morley Edin Kadribasic Eduard Bloch Edward Rudd Edward Sheldrake Eelco Dolstra Eetu Ojanen Egon Eckert Eldar Zaitov Ellis Pritchard Elmira A Semenova Emanuele Bovisio Emil Lerner Emil Romanus Emiliano Ida Enrico Scholz Enrik Berkhan Eramoto Masaya Eric Cooper Eric Hu Eric Landes Eric Lavigne Eric Lubin Eric Melville Eric Mertens Eric Rautman Eric Rescorla Eric Ridge Eric S. Raymond Eric Thelin Eric Vergnaud Eric Wong Eric Young Erick Nuwendam Erik Janssen Erik Johansson Ernest Beinrohr Erwan Legrand Erwin Authried Ethan Glasser Camp Eugene Kotlyarov Evan Jordan Evgeny Grin Evgeny Turnaev Eygene Ryabinkin Fabian Frank Fabian Hiernaux Fabian Keil Fabian Ruff Fabrizio Ammollo Fahim Chandurwala Fedor Karpelevitch Feist Josselin Felix Yan Felix von Leitner Feng Tu Fernando Muñoz Flavio Medeiros Florian Schoppmann Florian Weimer Forrest Cahoon Francisco Moraes Frank Gevaerts Frank Hempel Frank Keeney Frank McGeough Frank Meier Frank Ticheler Frank Van Uffelen František Kučera François Charlier Fred Machado Fred New Fred Noz Fred Stluka Frederic Lepied Fredrik Thulin Gabriel Kuri Gabriel Sjoberg Garrett Holmstrom Gary Maxwell Gaurav Malhotra Gautam Kachroo Gautam Mani Gavrie Philipson Gaz Iqbal Gaël Portay Geoff Beier Georg Horn Georg Huettenegger Georg Lippitsch Georg Wicherski Gerd v. Egidy Gergely Nagy Gerhard Herre Gerrit Bruchhäuser Ghennadi Procopciuc Giancarlo Formicuccia Giaslas Georgios Gil Weber Gilad Gilbert Ramirez Jr. Gilles Blanc Gisle Vanem Giuseppe Attardi Giuseppe D'Ambrosio Glen A Johnson Jr. Glen Nakamura Glen Scott Glenn Sheridan Google Inc. Gordon Marler Gorilla Maguila Gou Lingfeng Grant Erickson Grant Pannell Greg Hewgill Greg Morse Greg Onufer Greg Pratt Greg Zavertnik Gregory Szorc Grigory Entin Guenole Bescon Guenter Knauf Guido Berhoerster Guillaume Arluison Gunter Knauf Gustaf Hui Gustavo Grieco Gwenole Beauchesne Gökhan Şengün Götz Babin-Ebell Hamish Mackenzie Hang Kin Lau Hang Su Hanno Böck Hanno Kranzhoff Hans Steegers Hans-Jurgen May Hardeep Singh Haris Okanovic Harold Stuart Harshal Pradhan Hauke Duden He Qin Heikki Korpela Heinrich Ko Heinrich Schaefer Helwing Lutz Hendrik Visage Henrik Gaßmann Henrik Storner Henry Ludemann Herve Amblard Hidemoto Nakada Ho-chi Chen Hoi-Ho Chan Hongli Lai Howard Chu Hubert Kario Hzhijun Ian D Allen Ian Ford Ian Gulliver Ian Lynagh Ian Turner Ian Wilkes Ignacio Vazquez-Abrams Igor Franchuk Igor Novoseltsev Igor Polyakov Iida Yosiaki Ilguiz Latypov Ilja van Sprundel Immanuel Gregoire Inca R Ingmar Runge Ingo Ralf Blum Ingo Wilken Irfan Adilovic Isaac Boukris Ishan SinghLevett Ivan Avdeev Ivo Bellin Salarin Jack Zhang Jacky Lam Jacob Meuser Jacob Moshenko Jactry Zeng Jad Chamcham Jaime Fullaondo Jakub Zakrzewski James Bursa James Cheng James Clancy James Cone James Dury James Gallagher James Griffiths James Housley James MacMillan Jamie Lokier Jamie Newton Jamie Wilkinson Jan Ehrhardt Jan Koen Annot Jan Kunder Jan Schaumann Jan Van Boghout Jared Jennings Jared Lundell Jari Aalto Jari Sundell Jason Glasgow Jason Liu Jason McDonald Jason S. Priebe Javier Barroso Javier G. Sogo Jay Austin Jayesh A Shah Jaz Fresh Jean Gressmann Jean Jacques Drouin Jean-Claude Chauve Jean-Francois Bertrand Jean-Francois Durand Jean-Louis Lemaire Jean-Marc Ranger Jean-Noël Rouvignac Jean-Philippe Barrette-LaPierre Jeff Connelly Jeff Hodges Jeff Johnson Jeff King Jeff Lawson Jeff Phillips Jeff Pohlmeyer Jeff Weber Jeffrey Walton Jens Rantil Jeremy Friesner Jeremy Huddleston Jeremy Lin Jeremy Pearson Jeroen Koekkoek Jeroen Ooms Jerome Muffat-Meridol Jerome Robert Jerome Vouillon Jerry Krinock Jerry Wu Jes Badwal Jesper Jensen Jesse Noller Jesse Tan Jie He Jim Drash Jim Freeman Jim Hollinger Jim Meyering Jiri Dvorak Jiri Hruska Jiri Jaburek Jiří Malák Jocelyn Jaubert Joe Halpin Joe Malicki Joe Mason Joel Chen Joel Depooter Jofell Gallardo Johan Anderson Johan Lantz Johan Nilsson Johan van Selst Johannes Bauer Johannes Ernst Johannes Schindelin John Bradshaw John Coffey John Crow John Dennis John Dunn John E. Malmberg John Gardiner Myers John Janssen John Joseph Bachir John Kelly John Kohl John Lask John Levon John Lightsey John Marino John Marshall John McGowan John P. McCaskey John Suprock John Wanghui John Wilkinson John-Mark Bell Johnny Luong Jon Grubbs Jon Nelson Jon Sargeant Jon Seymour Jon Spencer Jon Torrey Jon Travis Jon Turner Jonas Forsman Jonas Minnberg Jonas Schnelli Jonatan Lander Jonatan Vela Jonathan Cardoso Machado Jonathan Cardoso Machado Machado Jonathan Hseu Jonathan Nieder Jongki Suwandi Joonas Kuorilehto Jose Alf Jose Kahan Josef Wolf Josh Kapell Joshua Kwan Josue Andrade Gomes Juan Barreto Juan F. Codagnone Juan Ignacio Hervás Juan RP Judson Bishop Juergen Wilke Jukka Pihl Julian Noble Julian Ospald Julian Taylor Julien Chaffraix Julien Nabet Julien Royer Jun-ichiro itojun Hagino Jurij Smakov Justin Ehlert Justin Fletcher Justin Karneges Justin Maggard János Fekete Jörg Mueller-Tolk Jörn Hartroth K. R. Walker Kai Engert Kai Noda Kai Sommerfeld Kai-Uwe Rommel Kalle Vahlman Kamil Dudka Kang Lin Kang-Jin Lee Karl Moerder Karol Pietrzak Kaspar Brand Katie Wang Kazuho Oku Kees Cook Keith MacDonald Keith McGuigan Keith Mok Ken Hirsch Ken Rastatter Kenny To Kent Boortz Keshav Krity Kevin Baughman Kevin Fisk Kevin Lussier Kevin Reed Kevin Roth Kim Minjoong Kim Rinnewitz Kim Vandry Kimmo Kinnunen Kjell Ericson Kjetil Jacobsen Klevtsov Vadim Konstantin Isakov Kris Kennaway Krishnendu Majumdar Krister Johansen Kristian Gunstone Kristian Köhntopp Kurt Fankhauser Kyle J. McKay Kyle L. Huff Kyle Sallee Kyselgov E.N Lachlan O'Dea Larry Campbell Larry Fahnoe Larry Lin Larry Stone Lars Buitinck Lars Gustafsson Lars J. Aas Lars Johannesen Lars Nilsson Lars Torben Wilson Lau Hang Kin Laurent Rabret Lauri Kasanen Legoff Vincent Lehel Bernadt Leif W Leith Bade Len Krause Lenaic Lefever Lenny Rachitsky Leon Winter Leonardo Rosati Liam Healy Lijo Antony Linas Vepstas Lindley French Ling Thio Linus Nielsen Feltzing Linus Nordberg Lior Kaplan Lisa Xu Liviu Chircu Liza Alenchery Lluís Batlle i Rossell Loic Dachary Loren Kirkby Luan Cestari Luca Altea Lucas Adamski Lucas Pardue Ludek Finstrle Ludovico Cavedon Ludwig Nussel Lukas Ruzicka Lukasz Czekierda Luke Amery Luke Call Luke Dashjr Luo Jinghua Luong Dinh Dung Luật Nguyễn Lyndon Hill Maciej Karpiuk Maciej Puzio Maciej W. Rozycki Maks Naumov Maksim Kuzevanov Maksim Stsepanenka Mamoru Tasaka Mandy Wu Manfred Schwarb Manuel Massing Marc Boucher Marc Deslauriers Marc Doughty Marc Hesse Marc Hörsken Marc Kleine-Budde Marc Renault Marcel Raad Marcel Roelofs Marcelo Echeverria Marcelo Juchem Marcin Adamski Marcin Gryszkalis Marcin Konicki Marco Deckel Marco G. Salvagno Marco Maggi Marcus Hoffmann Marcus Sundberg Marcus Webster Mario Schroeder Mark Brand Mark Butler Mark Davies Mark Eichin Mark Hamilton Mark Incley Mark Karpeles Mark Lentczner Mark Nottingham Mark Salisbury Mark Snelling Mark Tully Markus Duft Markus Elfring Markus Koetter Markus Moeller Markus Oberhumer Markus Westerlind Marquis de Muesli Martijn Koster Martin C. Martin Martin Drasar Martin Frodl Martin Hager Martin Hedenfalk Martin Jansen Martin Lemke Martin Skinner Martin Storsjö Martin Vejnár Marty Kuhrt Maruko Massimiliano Ziccardi Massimo Callegari Mateusz Loskot Mathias Axelsson Mats Lidell Matt Arsenault Matt Ford Matt Kraai Matt Veenstra Matt Witherspoon Matt Wixson Matteo Rocco Matthew Blain Matthew Clarke Matthew Hall Matthias Bolte Maurice Barnum Mauro Iorio Mauro Rappa Max Katsev Max Khon Maxim Ivanov Maxim Perenesenko Maxim Prohorov Maxime Larocque Mehmet Bozkurt Mekonikum Melissa Mears Mettgut Jamalla Michael Benedict Michael Calmer Michael Cronenworth Michael Curtis Michael Day Michael Goffioul Michael Jahn Michael Jerris Michael Kalinin Michael Kaufmann Michael König Michael Mealling Michael Mueller Michael Osipov Michael Smith Michael Stapelberg Michael Stillwell Michael Wallner Michal Bonino Michal Marek Michał Fita Michał Górny Michał Kowalczyk Michał Piechowski Michel Promonet Michele Bini Miguel Angel Miguel Diaz Mihai Ionescu Mikael Johansson Mikael Sennerholm Mike Bytnar Mike Crowe Mike Dobbs Mike Giancola Mike Hasselberg Mike Henshaw Mike Hommey Mike Mio Mike Power Mike Protts Mike Revi Miklos Nemeth Miloš Ljumović Mingliang Zhu Miroslav Franc Miroslav Spousta Mitz Wark Mohamed Lrhazi Mohammad AlSaleh Mohun Biswas Mostyn Bramley-Moore Moti Avrahami Myk Taylor Nach M. S. Nagai H Nathan Coulter Nathan O'Sullivan Nathanael Nerode Nathaniel Waisbrot Naveen Chandran Naveen Noel Neal Poole Neil Bowers Neil Dunbar Neil Spring Nic Roets Nicholas Maniscalco Nick Draffen Nick Gimbrone Nick Humfrey Nick Zitzmann Nico Baggus Nicolas Berloquin Nicolas Croiset Nicolas François Niels van Tongeren Nikita Schmidt Nikitinskit Dmitriy Niklas Angebrand Nikolai Kondrashov Nikos Mavrogiannopoulos Ning Dong Nir Soffer Nis Jorgensen Nobuhiro Ban Nodak Sodak Norbert Frese Norbert Kett Norbert Novotny Octavio Schroeder Ofer Okhin Vasilij Ola Mork Olaf Flebbe Olaf Stüben Oleg Pudeyev Oliver Gondža Oliver Graute Oliver Kuckertz Oliver Schindler Olivier Berger Olivier Brunel Orange Tsai Oren Souroujon Oren Tirosh Orgad Shaneh Ori Avtalion Oscar Koeroo Oscar Norlander P R Schaffner Paolo Piacentini Paras Sethia Pascal Terjan Pasha Kuznetsov Pasi Karkkainen Pat Ray Patrice Guerin Patricia Muscalu Patrick Bihan-Faou Patrick McManus Patrick Monnerat Patrick Rapin Patrick Scott Patrick Smith Patrick Watson Patrik Thunstrom Pau Garcia i Quiles Paul Donohue Paul Harrington Paul Howarth Paul Joyce Paul Marks Paul Marquis Paul Moore Paul Nolan Paul Oliver Paul Querna Paul Saab Pavel Cenek Pavel Orehov Pavel Raiskup Pawel A. Gajda Pawel Kierski Pedro Larroy Pedro Neves Per Malmberg Peter Bray Peter Forret Peter Frühberger Peter Gal Peter Heuchert Peter Hjalmarsson Peter Korsgaard Peter Lamberg Peter Laser Peter O'Gorman Peter Pentchev Peter Silva Peter Su Peter Sylvester Peter Todd Peter Verhas Peter Wang Peter Wu Peter Wullinger Peteris Krumins Petr Bahula Petr Novak Petr Pisar Phil Blundell Phil Karn Phil Lisiecki Phil Pellouchoud Philip Craig Philip Gladstone Philip Langdale Philippe Hameau Philippe Raoult Philippe Vaucher Pierre Pierre Brico Pierre Chapuis Pierre Joye Pierre Ynard Pooyan McSporran Pramod Sharma Prash Dush Praveen Pvs Priyanka Shah Puneet Pawaia Quagmire Quanah Gibson-Mount Quinn Slack R. Dennis Steed Radu Simionescu Rafa Muyo Rafael Antonio Rafael Sagula Rafayel Mkrtchyan Rafaël Carré Rainer Canavan Rainer Jung Rainer Koenig Rainer Müller Rajesh Naganathan Rajkumar Mandal Ralf S. Engelschall Ralph Beckmann Ralph Mitchell Ramana Mokkapati Randy Armstrong Randy McMurchy Ravi Pratap Ray Dassen Ray Pekowski Ray Satiro Razvan Cojocaru Reinhard Max Reinout van Schouwen Remi Gacogne Remo E Renato Botelho Renaud Chaillat Renaud Duhaut Renaud Guillard Renaud Lehoux Rene Bernhardt Rene Rebe Reuven Wachtfogel Reza Arbab Ricardo Cadime Rich Burridge Rich Gray Rich Rauenzahn Richard Archer Richard Atterer Richard Bramante Richard Clayton Richard Cooper Richard Gorton Richard Gray Richard Hosking Richard Michael Richard Moore Richard Prescott Richard Silverman Richard van den Berg Richy Kim Rick Jones Rick Richardson Ricki Hirner Rider Linden Rob Crittenden Rob Davies Rob Jones Rob Stanzel Rob Ward Robert A. Monat Robert B. Harris Robert D. Young Robert Foreman Robert Iakobashvili Robert Olson Robert Schumann Robert Weaver Robert Wruck Robin Cornelius Robin Johnson Robin Kay Robson Braga Araujo Rod Widdowson Rodney Simmons Rodric Glaser Rodrigo Silva Roger Leigh Roland Blom Roland Krikava Roland Zimmermann Rolland Dudemaine Romain Coltel Roman Koifman Roman Mamedov Romulo A. Ceccon Ron Parker Ron Zapp Ronnie Mose Rosimildo da Silva Roy Shan Rune Kleveland Ruslan Gazizov Rutger Hofman Ryan Braud Ryan Chan Ryan Nelson Ryan Schmidt Ryan Scott Rémy Léone S. Moonesamy Salvador Dávila Salvatore Sorrentino Sam Deane Sam Hurst Sam Roth Sam Schanken Sampo Kellomaki Samuel Díaz García Samuel Listopad Samuel Thibault Sander Gates Sandor Feldi Santhana Todatry Saqib Ali Sara Golemon Saran Neti Sascha Swiercy Saul good Saurav Babu Scott Bailey Scott Barrett Scott Cantor Scott Davis Scott McCreary Sean Boudreau Sean Burford Sebastian Mundry Sebastian Pohlschmidt Sebastian Rasmussen Senthil Raja Velu Sergei Kuzmin Sergei Nikulov Sergey Tatarincev Sergii Pylypenko Sergio Ballestrero Serj Kalichev Seshubabu Pasam Seth Mos Sh Diao Shachaf Ben-Kiki Shao Shuchao Sharad Gupta Shard Shawn Landden Shawn Poulson Shine Fan Shmulik Regev Siddhartha Prakash Jain Sidney San Martín Siegfried Gyuricsko Simon Dick Simon H. Simon Josefsson Simon Liu Simon Warta Song Ma Sonia Subramanian Spacen Jasset Spiridonoff A.V Spork Schivago Stadler Stephan Stan van de Burgt Stanislav Ivochkin Stefan Bühler Stefan Eissing Stefan Esser Stefan Kanthak Stefan Krause Stefan Neis Stefan Teleman Stefan Tomanek Stefan Ulrich Steinar H. Gunderson Stephan Bergmann Stephen Brokenshire Stephen Collyer Stephen Kick Stephen More Sterling Hughes Steve Green Steve H Truong Steve Havelka Steve Holme Steve Lhomme Steve Little Steve Marx Steve Oliphant Steve Roskowski Steven Bazyl Steven G. Johnson Steven Gu Steven M. Schweda Steven Parkes Stoned Elipot Sune Ahlgren Sven Anders Sven Neuhaus Sven Wegener Svyatoslav Mishyn Symeon Paraschoudis Sébastien Willemijns T. Bharath T. Yamada TJ Saunders Tae Hyoung Ahn Taneli Vähäkangas Tanguy Fautre Tatsuhiro Tsujikawa Temprimus Terri Oda Theodore Dubois Thomas Braun Thomas Glanzmann Thomas J. Moore Thomas Klausner Thomas L. Shinnick Thomas Lopatic Thomas Ruecker Thomas Schwinge Thomas Tonino Thorsten Schöning Tiit Pikma Till Maas Tim Ansell Tim Baker Tim Bartley Tim Chen Tim Costello Tim Harder Tim Heckman Tim Newsome Tim Rühsen Tim Sneddon Tim Stack Tim Starling Timo Sirainen Timotej Lazar Timothy Polich Tinus van den Berg Tobias Markus Tobias Rundström Tobias Stoeckmann Toby Peterson Todd A Ouska Todd Kulesza Todd Short Todd Vierling Tom Benoist Tom Donovan Tom Grace Tom Lee Tom Mattison Tom Moers Tom Mueller Tom Regner Tom Sparrow Tom Wright Tom Zerucha Tomas Hoger Tomas Jakobsson Tomas Mlcoch Tomas Pospisek Tomas Szepe Tomas Tomecek Tomasz Kojm Tomasz Lacki Tommie Gannert Tommy Tam Ton Voon Toni Moreno Tony Kelman Toon Verwaest Tor Arntsen Torben Dannhauer Torsten Foertsch Toshio Kuratomi Toshiyuki Maezawa Traian Nicolescu Travis Burtrum Troels Walsted Hansen Troy Engel Tupone Alfredo Tyler Hall Török Edwin Ulf Härnhammar Ulf Samuelsson Ulrich Doehner Ulrich Telle Ulrich Zadow Valentin David Vasy Okhin Venkat Akella Victor Snezhko Vijay Panghal Vikram Saxena Viktor Szakáts Ville Skyttä Vilmos Nebehaj Vincent Bronner Vincent Le Normand Vincent Penquerc'h Vincent Sanders Vincent Torri Vlad Grachov Vlad Ureche Vladimir Grishchenko Vladimir Lazarenko Vojtech Janota Vojtech Minarik Vojtěch Král Vsevolod Novikov W. Mark Kubacki Waldek Kozba Walter J. Mack Ward Willats Warp Kawada Warren Menzer Wayne Haigh Werner Koch Wesley Laxton Wesley Miaw Wez Furlong Wilfredo Sanchez Will Dietz Willem Sparreboom William Ahern Wojciech Zwiefka Wouter Van Rooy Wu Yongzheng Xavier Bouchoux Xiangbin Li Yaakov Selkowitz Yamada Yasuharu Yang Tse Yarram Sunil Yasuharu Yamada Yehezkel Horowitz Yehoshua Hershberg Yi Huang Yingwei Liu Yonggang Luo Yousuke Kimoto Yukihiro Kawada Yun SangHo Yuriy Sosov Yves Arrouye Yves Lejeune Zdenek Pavlas Zekun Ni Zmey Petroff Zvi Har'El afrind on github asavah on github baumanj on github bsammon on github dkjjr89 on github eXeC64 on github jonrumsey on github jveazey on github kreshano on github lukaszgn on github marc-groundctl on github neex on github nk nopjmp on github silveja1 on github swalkaus at yahoo.com tarek112 on github tommink[at]post.pl vanillajonathan on github wmsch on github zelinchen on github İsmail Dönmez Štefan Kremeň Никита Дорохин |
Added scriptlibs/softwareupdate/curl/docs/TODO.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| Things that could be nice to do in the future Things to do in project curl. Please tell us what you think, contribute and send us patches that improve things! Be aware that these are things that we could do, or have once been considered things we could do. If you want to work on any of these areas, please consider bringing it up for discussions first on the mailing list so that we all agree it is still a good idea for the project! All bugs documented in the KNOWN_BUGS document are subject for fixing! 1. libcurl 1.2 More data sharing 1.3 struct lifreq 1.4 signal-based resolver timeouts 1.5 get rid of PATH_MAX 1.6 Modified buffer size approach 1.7 Detect when called from within callbacks 1.8 CURLOPT_RESOLVE for any port number 1.9 Cache negative name resolves 1.11 minimize dependencies with dynamicly loaded modules 1.12 have form functions use CURL handle argument 1.14 Typesafe curl_easy_setopt() 1.15 Monitor connections in the connection pool 1.16 Try to URL encode given URL 1.17 Add support for IRIs 1.18 try next proxy if one doesn't work 1.19 Timeout idle connections from the pool 1.20 SRV and URI DNS records 1.21 API for URL parsing/splitting 1.23 Offer API to flush the connection pool 1.24 TCP Fast Open for windows 1.25 Remove the generated include file 2. libcurl - multi interface 2.1 More non-blocking 2.2 Better support for same name resolves 2.3 Non-blocking curl_multi_remove_handle() 2.4 Split connect and authentication process 2.5 Edge-triggered sockets should work 3. Documentation 3.1 Update date and version in man pages 3.2 Provide cmake config-file 4. FTP 4.1 HOST 4.2 Alter passive/active on failure and retry 4.3 Earlier bad letter detection 4.4 REST for large files 4.5 ASCII support 4.6 GSSAPI via Windows SSPI 4.7 STAT for LIST without data connection 5. HTTP 5.1 Better persistency for HTTP 1.0 5.2 support FF3 sqlite cookie files 5.3 Rearrange request header order 5.4 HTTP Digest using SHA-256 5.5 auth= in URLs 5.6 Refuse "downgrade" redirects 5.7 Brotli compression 5.8 QUIC 5.9 Improve formpost API 5.10 Leave secure cookies alone 5.11 Chunked transfer multipart formpost 5.12 OPTIONS * 6. TELNET 6.1 ditch stdin 6.2 ditch telnet-specific select 6.3 feature negotiation debug data 6.4 send data in chunks 7. SMTP 7.1 Pipelining 7.2 Enhanced capability support 7.3 Add CURLOPT_MAIL_CLIENT option 8. POP3 8.1 Pipelining 8.2 Enhanced capability support 9. IMAP 9.1 Enhanced capability support 10. LDAP 10.1 SASL based authentication mechanisms 11. SMB 11.1 File listing support 11.2 Honor file timestamps 11.3 Use NTLMv2 11.4 Create remote directories 12. New protocols 12.1 RSYNC 13. SSL 13.1 Disable specific versions 13.2 Provide mutex locking API 13.3 Evaluate SSL patches 13.4 Cache/share OpenSSL contexts 13.5 Export session ids 13.6 Provide callback for cert verification 13.7 improve configure --with-ssl 13.8 Support DANE 13.10 Support SSLKEYLOGFILE 13.11 Support intermediate & root pinning for PINNEDPUBLICKEY 13.12 Support HSTS 13.13 Support HPKP 14. GnuTLS 14.1 SSL engine stuff 14.2 check connection 15. WinSSL/SChannel 15.1 Add support for client certificate authentication 15.2 Add support for custom server certificate validation 15.3 Add support for the --ciphers option 16. SASL 16.1 Other authentication mechanisms 16.2 Add QOP support to GSSAPI authentication 16.3 Support binary messages (i.e.: non-base64) 17. SSH protocols 17.1 Multiplexing 17.2 SFTP performance 17.3 Support better than MD5 hostkey hash 18. Command line tool 18.1 sync 18.2 glob posts 18.3 prevent file overwriting 18.4 simultaneous parallel transfers 18.5 provide formpost headers 18.6 warning when setting an option 18.7 warning when sending binary output to terminal 18.8 offer color-coded HTTP header output 18.9 Choose the name of file in braces for complex URLs 18.10 improve how curl works in a windows console window 18.11 -w output to stderr 18.12 keep running, read instructions from pipe/socket 18.13 support metalink in http headers 18.14 --fail without --location should treat 3xx as a failure 18.15 --retry should resume 18.16 send only part of --data 18.17 consider file name from the redirected URL with -O ? 19. Build 19.1 roffit 19.2 Enable PIE and RELRO by default 20. Test suite 20.1 SSL tunnel 20.2 nicer lacking perl message 20.3 more protocols supported 20.4 more platforms supported 20.5 Add support for concurrent connections 20.6 Use the RFC6265 test suite 21. Next SONAME bump 21.1 http-style HEAD output for FTP 21.2 combine error codes 21.3 extend CURLOPT_SOCKOPTFUNCTION prototype 22. Next major release 22.1 cleanup return codes 22.2 remove obsolete defines 22.3 size_t 22.4 remove several functions 22.5 remove CURLOPT_FAILONERROR 22.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE 22.7 remove progress meter from libcurl 22.8 remove 'curl_httppost' from public ============================================================================== 1. libcurl 1.2 More data sharing curl_share_* functions already exist and work, and they can be extended to share more. For example, enable sharing of the ares channel and the connection cache. 1.3 struct lifreq Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete. To support IPv6 interface addresses for network interfaces properly. 1.4 signal-based resolver timeouts libcurl built without an asynchronous resolver library uses alarm() to time out DNS lookups. When a timeout occurs, this causes libcurl to jump from the signal handler back into the library with a sigsetjmp, which effectively causes libcurl to continue running within the signal handler. This is non-portable and could cause problems on some platforms. A discussion on the problem is available at https://curl.haxx.se/mail/lib-2008-09/0197.html Also, alarm() provides timeout resolution only to the nearest second. alarm ought to be replaced by setitimer on systems that support it. 1.5 get rid of PATH_MAX Having code use and rely on PATH_MAX is not nice: http://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html Currently the SSH based code uses it a bit, but to remove PATH_MAX from there we need libssh2 to properly tell us when we pass in a too small buffer and its current API (as of libssh2 1.2.7) doesn't. 1.6 Modified buffer size approach Current libcurl allocates a fixed 16K size buffer for download and an additional 16K for upload. They are always unconditionally part of the easy handle. If CRLF translations are requested, an additional 32K "scratch buffer" is allocated. A total of 64K transfer buffers in the worst case. First, while the handles are not actually in use these buffers could be freed so that lingering handles just kept in queues or whatever waste less memory. Secondly, SFTP is a protocol that needs to handle many ~30K blocks at once since each need to be individually acked and therefore libssh2 must be allowed to send (or receive) many separate ones in parallel to achieve high transfer speeds. A current libcurl build with a 16K buffer makes that impossible, but one with a 512K buffer will reach MUCH faster transfers. But allocating 512K unconditionally for all buffers just in case they would like to do fast SFTP transfers at some point is not a good solution either. Dynamically allocate buffer size depending on protocol in use in combination with freeing it after each individual transfer? Other suggestions? 1.7 Detect when called from within callbacks We should set a state variable before calling callbacks, so that we subsequently can add code within libcurl that returns error if called within callbacks for when that's not supported. 1.8 CURLOPT_RESOLVE for any port number This option allows applications to set a replacement IP address for a given host + port pair. Consider making support for providing a replacement address for the host name on all port numbers. See https://github.com/curl/curl/issues/1264 1.9 Cache negative name resolves A name resolve that has failed is likely to fail when made again within a short period of time. Currently we only cache positive responses. 1.11 minimize dependencies with dynamicly loaded modules We can create a system with loadable modules/plug-ins, where these modules would be the ones that link to 3rd party libs. That would allow us to avoid having to load ALL dependencies since only the necessary ones for this app/invoke/used protocols would be necessary to load. See https://github.com/curl/curl/issues/349 1.12 have form functions use CURL handle argument curl_formadd() and curl_formget() both currently have no CURL handle argument, but both can use a callback that is set in the easy handle, and thus curl_formget() with callback cannot function without first having curl_easy_perform() (or similar) called - which is hard to grasp and a design mistake. The curl_formadd() design can probably also be reconsidered to make it easier to use and less error-prone. Probably easiest by splitting it into several function calls. 1.14 Typesafe curl_easy_setopt() One of the most common problems in libcurl using applications is the lack of type checks for curl_easy_setopt() which happens because it accepts varargs and thus can take any type. One possible solution to this is to introduce a few different versions of the setopt version for the different kinds of data you can set. curl_easy_set_num() - sets a long value curl_easy_set_large() - sets a curl_off_t value curl_easy_set_ptr() - sets a pointer curl_easy_set_cb() - sets a callback PLUS its callback data 1.15 Monitor connections in the connection pool libcurl's connection cache or pool holds a number of open connections for the purpose of possible subsequent connection reuse. It may contain a few up to a significant amount of connections. Currently, libcurl leaves all connections as they are and first when a connection is iterated over for matching or reuse purpose it is verified that it is still alive. Those connections may get closed by the server side for idleness or they may get a HTTP/2 ping from the peer to verify that they're still alive. By adding monitoring of the connections while in the pool, libcurl can detect dead connections (and close them) better and earlier, and it can handle HTTP/2 pings to keep such ones alive even when not actively doing transfers on them. 1.16 Try to URL encode given URL Given a URL that for example contains spaces, libcurl could have an option that would try somewhat harder than it does now and convert spaces to %20 and perhaps URL encoded byte values over 128 etc (basically do what the redirect following code already does). https://github.com/curl/curl/issues/514 1.17 Add support for IRIs IRIs (RFC 3987) allow localized, non-ascii, names in the URL. To properly support this, curl/libcurl would need to translate/encode the given input from the input string encoding into percent encoded output "over the wire". To make that work smoothly for curl users even on Windows, curl would probably need to be able to convert from several input encodings. 1.18 try next proxy if one doesn't work Allow an application to specify a list of proxies to try, and failing to connect to the first go on and try the next instead until the list is exhausted. Browsers support this feature at least when they specify proxies using PACs. https://github.com/curl/curl/issues/896 1.19 Timeout idle connections from the pool libcurl currently keeps connections in its connection pool for an indefinite period of time, until it either gets reused, gets noticed that it has been closed by the server or gets pruned to make room for a new connection. To reduce overhead (especially for when we add monitoring of the connections in the pool), we should introduce a timeout so that connections that have been idle for N seconds get closed. 1.20 SRV and URI DNS records Offer support for resolving SRV and URI DNS records for libcurl to know which server to connect to for various protocols (including HTTP!). 1.21 API for URL parsing/splitting libcurl has always parsed URLs internally and never exposed any API or features to allow applications to do it. Still most or many applications using libcurl need that ability. In polls to users, we've learned that many libcurl users would like to see and use such an API. 1.23 Offer API to flush the connection pool Sometimes applications want to flush all the existing connections kept alive. An API could allow a forced flush or just a forced loop that would properly close all connections that have been closed by the server already. 1.24 TCP Fast Open for windows libcurl supports the CURLOPT_TCP_FASTOPEN option since 7.49.0 for Linux and Mac OS. Windows supports TCP Fast Open starting with Windows 10, version 1607 and we should add support for it. 1.25 Remove the generated include file When curl and libcurl are built, one of the public include files are generated and is populated with a set of defines that are derevid from sizes and constants for the particular target architecture that build is made. For platforms that can select between 32 bit and 64 bit at build time, this approach makes the libcurl build only create a set of public headers suitable for one of the architectures and not both. If you build libcurl for such a platform and you want to allow applications to get built using either 32/64 version, you must generate the libcurl headers once for each setup and you must then add a replacement curl header that would itself select the correct 32 or 64 bit specific header as necessary. Your curl/curl.h alternative could then look like (replace with suitable CPP variable to check): #ifdef ARCH_32bit #include <curl32/curl.h> #else /* ARCH_64bit */ #include <curl64/curl.h> #endif A fix would either (A) fix the 32/64 setup automatically or even better (B) work away the architecture specific defines from the headers so that they can be used for all architectures independently of what libcurl was built for. 2. libcurl - multi interface 2.1 More non-blocking Make sure we don't ever loop because of non-blocking sockets returning EWOULDBLOCK or similar. Blocking cases include: - Name resolves on non-windows unless c-ares or the threaded resolver is used - HTTP proxy CONNECT operations - SOCKS proxy handshakes - file:// transfers - TELNET transfers - The "DONE" operation (post transfer protocol-specific actions) for the protocols SFTP, SMTP, FTP. Fixing Curl_done() for this is a worthy task. 2.2 Better support for same name resolves If a name resolve has been initiated for name NN and a second easy handle wants to resolve that name as well, make it wait for the first resolve to end up in the cache instead of doing a second separate resolve. This is especially needed when adding many simultaneous handles using the same host name when the DNS resolver can get flooded. 2.3 Non-blocking curl_multi_remove_handle() The multi interface has a few API calls that assume a blocking behavior, like add_handle() and remove_handle() which limits what we can do internally. The multi API need to be moved even more into a single function that "drives" everything in a non-blocking manner and signals when something is done. A remove or add would then only ask for the action to get started and then multi_perform() etc still be called until the add/remove is completed. 2.4 Split connect and authentication process The multi interface treats the authentication process as part of the connect phase. As such any failures during authentication won't trigger the relevant QUIT or LOGOFF for protocols such as IMAP, POP3 and SMTP. 2.5 Edge-triggered sockets should work The multi_socket API should work with edge-triggered socket events. One of the internal actions that need to be improved for this to work perfectly is the 'maxloops' handling in transfer.c:readwrite_data(). 3. Documentation 3.1 Update date and version in man pages 'maketgz' or another suitable script could update the .TH sections of the man pages at release time to use the current date and curl/libcurl version number. 3.2 Provide cmake config-file A config-file package is a set of files provided by us to allow applications to write cmake scripts to find and use libcurl easier. See https://github.com/curl/curl/issues/885 4. FTP 4.1 HOST HOST is a command for a client to tell which host name to use, to offer FTP servers named-based virtual hosting: https://tools.ietf.org/html/rfc7151 4.2 Alter passive/active on failure and retry When trying to connect passively to a server which only supports active connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the connection. There could be a way to fallback to an active connection (and vice versa). https://curl.haxx.se/bug/feature.cgi?id=1754793 4.3 Earlier bad letter detection Make the detection of (bad) %0d and %0a codes in FTP URL parts earlier in the process to avoid doing a resolve and connect in vain. 4.4 REST for large files REST fix for servers not behaving well on >2GB requests. This should fail if the server doesn't set the pointer to the requested index. The tricky (impossible?) part is to figure out if the server did the right thing or not. 4.5 ASCII support FTP ASCII transfers do not follow RFC959. They don't convert the data accordingly. 4.6 GSSAPI via Windows SSPI In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5) via third-party GSS-API libraries, such as Heimdal or MIT Kerberos, also add support for GSSAPI authentication via Windows SSPI. 4.7 STAT for LIST without data connection Some FTP servers allow STAT for listing directories instead of using LIST, and the response is then sent over the control connection instead of as the otherwise usedw data connection: http://www.nsftools.com/tips/RawFTP.htm#STAT This is not detailed in any FTP specification. 5. HTTP 5.1 Better persistency for HTTP 1.0 "Better" support for persistent connections over HTTP 1.0 https://curl.haxx.se/bug/feature.cgi?id=1089001 5.2 support FF3 sqlite cookie files Firefox 3 is changing from its former format to a a sqlite database instead. We should consider how (lib)curl can/should support this. https://curl.haxx.se/bug/feature.cgi?id=1871388 5.3 Rearrange request header order Server implementors often make an effort to detect browser and to reject clients it can detect to not match. One of the last details we cannot yet control in libcurl's HTTP requests, which also can be exploited to detect that libcurl is in fact used even when it tries to impersonate a browser, is the order of the request headers. I propose that we introduce a new option in which you give headers a value, and then when the HTTP request is built it sorts the headers based on that number. We could then have internally created headers use a default value so only headers that need to be moved have to be specified. 5.4 HTTP Digest using SHA-256 RFC 7616 introduces an update to the HTTP Digest authentication specification, which amongst other thing defines how new digest algorithms can be used instead of MD5 which is considered old and not recommanded. See https://tools.ietf.org/html/rfc7616 and https://github.com/curl/curl/issues/1018 5.5 auth= in URLs Add the ability to specify the preferred authentication mechanism to use by using ;auth=<mech> in the login part of the URL. For example: http://test:pass;auth=NTLM@example.com would be equivalent to specifying --user test:pass;auth=NTLM or --user test:pass --ntlm from the command line. Additionally this should be implemented for proxy base URLs as well. 5.6 Refuse "downgrade" redirects See https://github.com/curl/curl/issues/226 Consider a way to tell curl to refuse to "downgrade" protocol with a redirect and/or possibly a bit that refuses redirect to change protocol completely. 5.7 Brotli compression Brotli compression performs better than gzip and is being implemented by browsers and servers widely. The algorithm: https://github.com/google/brotli The Firefox bug: https://bugzilla.mozilla.org/show_bug.cgi?id=366559 5.8 QUIC The standardization process of QUIC has been taken to the IETF and can be followed on the [IETF QUIC Mailing list](https://www.ietf.org/mailman/listinfo/quic). I'd like us to get on the bandwagon. Ideally, this would be done with a separate library/project to handle the binary/framing layer in a similar fashion to how HTTP/2 is implemented. This, to allow other projects to benefit from the work and to thus broaden the interest and chance of others to participate. 5.9 Improve formpost API Revamp the formpost API and making something that is easier to use and understand: https://github.com/curl/curl/wiki/formpost-API-redesigned 5.10 Leave secure cookies alone Non-secure origins (HTTP sites) should not be allowed to set or modify cookies with the 'secure' property: https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01 5.11 Chunked transfer multipart formpost For a case where the file is being made during the upload is progressing (like passed on stdin to the curl tool), we cannot know the size before-hand and we rather not read the entire thing into memory before it can start the upload. https://github.com/curl/curl/issues/1139 5.12 OPTIONS * HTTP defines an OPTIONS method that can be sent with an asterisk option like "OPTIONS *" to ask about options from the server and not a specific URL resource. https://tools.ietf.org/html/rfc7230#section-5.3.4 libcurl as it currently works will always sent HTTP methods with a path that starts with a slash so there's no way for an application to send a proper "OPTIONS *" using libcurl. This should be fixed. I can't think of any other non-slash paths we should support so it will probably make sense to add a new boolean option for issuign an "OPTIONS *" request. CURLOPT_OPTIONSASTERISK perhaps (and a corresponding command line option)? See https://github.com/curl/curl/issues/1280 6. TELNET 6.1 ditch stdin Reading input (to send to the remote server) on stdin is a crappy solution for library purposes. We need to invent a good way for the application to be able to provide the data to send. 6.2 ditch telnet-specific select Move the telnet support's network select() loop go away and merge the code into the main transfer loop. Until this is done, the multi interface won't work for telnet. 6.3 feature negotiation debug data Add telnet feature negotiation data to the debug callback as header data. 6.4 send data in chunks Currently, telnet sends data one byte at a time. This is fine for interactive use, but inefficient for any other. Sent data should be sent in larger chunks. 7. SMTP 7.1 Pipelining Add support for pipelining emails. 7.2 Enhanced capability support Add the ability, for an application that uses libcurl, to obtain the list of capabilities returned from the EHLO command. 7.3 Add CURLOPT_MAIL_CLIENT option Rather than use the URL to specify the mail client string to present in the HELO and EHLO commands, libcurl should support a new CURLOPT specifically for specifying this data as the URL is non-standard and to be honest a bit of a hack ;-) Please see the following thread for more information: https://curl.haxx.se/mail/lib-2012-05/0178.html 8. POP3 8.1 Pipelining Add support for pipelining commands. 8.2 Enhanced capability support Add the ability, for an application that uses libcurl, to obtain the list of capabilities returned from the CAPA command. 9. IMAP 9.1 Enhanced capability support Add the ability, for an application that uses libcurl, to obtain the list of capabilities returned from the CAPABILITY command. 10. LDAP 10.1 SASL based authentication mechanisms Currently the LDAP module only supports ldap_simple_bind_s() in order to bind to an LDAP server. However, this function sends username and password details using the simple authentication mechanism (as clear text). However, it should be possible to use ldap_bind_s() instead specifying the security context information ourselves. 11. SMB 11.1 File listing support Add support for listing the contents of a SMB share. The output should probably be the same as/similar to FTP. 11.2 Honor file timestamps The timestamp of the transferred file should reflect that of the original file. 11.3 Use NTLMv2 Currently the SMB authentication uses NTLMv1. 11.4 Create remote directories Support for creating remote directories when uploading a file to a directory that doesn't exist on the server, just like --ftp-create-dirs. 12. New protocols 12.1 RSYNC There's no RFC for the protocol or an URI/URL format. An implementation should most probably use an existing rsync library, such as librsync. 13. SSL 13.1 Disable specific versions Provide an option that allows for disabling specific SSL versions, such as SSLv2 https://curl.haxx.se/bug/feature.cgi?id=1767276 13.2 Provide mutex locking API Provide a libcurl API for setting mutex callbacks in the underlying SSL library, so that the same application code can use mutex-locking independently of OpenSSL or GnutTLS being used. 13.3 Evaluate SSL patches Evaluate/apply Gertjan van Wingerde's SSL patches: https://curl.haxx.se/mail/lib-2004-03/0087.html 13.4 Cache/share OpenSSL contexts "Look at SSL cafile - quick traces look to me like these are done on every request as well, when they should only be necessary once per SSL context (or once per handle)". The major improvement we can rather easily do is to make sure we don't create and kill a new SSL "context" for every request, but instead make one for every connection and re-use that SSL context in the same style connections are re-used. It will make us use slightly more memory but it will libcurl do less creations and deletions of SSL contexts. Technically, the "caching" is probably best implemented by getting added to the share interface so that easy handles who want to and can reuse the context specify that by sharing with the right properties set. https://github.com/curl/curl/issues/1110 13.5 Export session ids Add an interface to libcurl that enables "session IDs" to get exported/imported. Cris Bailiff said: "OpenSSL has functions which can serialise the current SSL state to a buffer of your choice, and recover/reset the state from such a buffer at a later date - this is used by mod_ssl for apache to implement and SSL session ID cache". 13.6 Provide callback for cert verification OpenSSL supports a callback for customised verification of the peer certificate, but this doesn't seem to be exposed in the libcurl APIs. Could it be? There's so much that could be done if it were! 13.7 improve configure --with-ssl make the configure --with-ssl option first check for OpenSSL, then GnuTLS, then NSS... 13.8 Support DANE DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL keys and certs over DNS using DNSSEC as an alternative to the CA model. https://www.rfc-editor.org/rfc/rfc6698.txt An initial patch was posted by Suresh Krishnaswamy on March 7th 2013 (https://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple approach. See Daniel's comments: https://curl.haxx.se/mail/lib-2013-03/0103.html . libunbound may be the correct library to base this development on. Björn Stenberg wrote a separate initial take on DANE that was never completed. 13.10 Support SSLKEYLOGFILE When used, Firefox and Chrome dumps their master TLS keys to the file name this environment variable specifies. This allows tools like for example Wireshark to capture and decipher TLS traffic to/from those clients. libcurl could be made to support this more widely (presumably this already works when built with NSS). Peter Wu made a OpenSSL preload to make possible that can be used as inspiration and guidance https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c 13.11 Support intermediate & root pinning for PINNEDPUBLICKEY CURLOPT_PINNEDPUBLICKEY does not consider the hashes of intermediate & root certificates when comparing the pinned keys. Therefore it is not compatible with "HTTP Public Key Pinning" as there also intermediate and root certificates can be pinned. This is very useful as it prevents webadmins from "locking themself out of their servers". Adding this feature would make curls pinning 100% compatible to HPKP and allow more flexible pinning. 13.12 Support HSTS "HTTP Strict Transport Security" is TOFU (trust on first use), time-based features indicated by a HTTP header send by the webserver. It is widely used in browsers and it's purpose is to prevent insecure HTTP connections after a previous HTTPS connection. It protects against SSLStripping attacks. Doc: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security RFC 6797: https://tools.ietf.org/html/rfc6797 13.13 Support HPKP "HTTP Public Key Pinning" is TOFU (trust on first use), time-based features indicated by a HTTP header send by the webserver. It's purpose is to prevent Man-in-the-middle attacks by trusted CAs by allowing webadmins to specify which CAs/certificates/public keys to trust when connection to their websites. It can be build based on PINNEDPUBLICKEY. Wikipedia: https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning OWASP: https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning Doc: https://developer.mozilla.org/de/docs/Web/Security/Public_Key_Pinning RFC: https://tools.ietf.org/html/draft-ietf-websec-key-pinning-21 14. GnuTLS 14.1 SSL engine stuff Is this even possible? 14.2 check connection Add a way to check if the connection seems to be alive, to correspond to the SSL_peak() way we use with OpenSSL. 15. WinSSL/SChannel 15.1 Add support for client certificate authentication WinSSL/SChannel currently makes use of the OS-level system and user certificate and private key stores. This does not allow the application or the user to supply a custom client certificate using curl or libcurl. Therefore support for the existing -E/--cert and --key options should be implemented by supplying a custom certificate to the SChannel APIs, see: - Getting a Certificate for Schannel https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx 15.2 Add support for custom server certificate validation WinSSL/SChannel currently makes use of the OS-level system and user certificate trust store. This does not allow the application or user to customize the server certificate validation process using curl or libcurl. Therefore support for the existing --cacert or --capath options should be implemented by supplying a custom certificate to the SChannel APIs, see: - Getting a Certificate for Schannel https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx 15.3 Add support for the --ciphers option The cipher suites used by WinSSL/SChannel are configured on an OS-level instead of an application-level. This does not allow the application or the user to customize the configured cipher suites using curl or libcurl. Therefore support for the existing --ciphers option should be implemented by mapping the OpenSSL/GnuTLS cipher suites to the SChannel APIs, see - Specifying Schannel Ciphers and Cipher Strengths https://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx 16. SASL 16.1 Other authentication mechanisms Add support for other authentication mechanisms such as OLP, GSS-SPNEGO and others. 16.2 Add QOP support to GSSAPI authentication Currently the GSSAPI authentication only supports the default QOP of auth (Authentication), whilst Kerberos V5 supports both auth-int (Authentication with integrity protection) and auth-conf (Authentication with integrity and privacy protection). 16.3 Support binary messages (i.e.: non-base64) Mandatory to support LDAP SASL authentication. 17. SSH protocols 17.1 Multiplexing SSH is a perfectly fine multiplexed protocols which would allow libcurl to do multiple parallel transfers from the same host using the same connection, much in the same spirit as HTTP/2 does. libcurl however does not take advantage of that ability but will instead always create a new connection for new transfers even if an existing connection already exists to the host. To fix this, libcurl would have to detect an existing connection and "attach" the new transfer to the existing one. 17.2 SFTP performance libcurl's SFTP transfer performance is sub par and can be improved, mostly by the approach mentioned in "1.6 Modified buffer size approach". 17.3 Support better than MD5 hostkey hash libcurl offers the CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 option for verifying the server's key. MD5 is generally being deprecated so we should implement support for stronger hashing algorithms. libssh2 itself is what provides this underlying functionality and it supports at least SHA-1 as an alternative. SHA-1 is also being deprecated these days so we should consider workign with libssh2 to instead offer support for SHA-256 or similar. 18. Command line tool 18.1 sync "curl --sync http://example.com/feed[1-100].rss" or "curl --sync http://example.net/{index,calendar,history}.html" Downloads a range or set of URLs using the remote name, but only if the remote file is newer than the local file. A Last-Modified HTTP date header should also be used to set the mod date on the downloaded file. 18.2 glob posts Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'. This is easily scripted though. 18.3 prevent file overwriting Add an option that prevents curl from overwriting existing local files. When used, and there already is an existing file with the target file name (either -O or -o), a number should be appended (and increased if already existing). So that index.html becomes first index.html.1 and then index.html.2 etc. 18.4 simultaneous parallel transfers The client could be told to use maximum N simultaneous parallel transfers and then just make sure that happens. It should of course not make more than one connection to the same remote host. This would require the client to use the multi interface. https://curl.haxx.se/bug/feature.cgi?id=1558595 Using the multi interface would also allow properly using parallel transfers with HTTP/2 and supporting HTTP/2 server push from the command line. 18.5 provide formpost headers Extending the capabilities of the multipart formposting. How about leaving the ';type=foo' syntax as it is and adding an extra tag (headers) which works like this: curl -F "coolfiles=@fil1.txt;headers=@fil1.hdr" where fil1.hdr contains extra headers like Content-Type: text/plain; charset=KOI8-R" Content-Transfer-Encoding: base64 X-User-Comment: Please don't use browser specific HTML code which should overwrite the program reasonable defaults (plain/text, 8bit...) 18.6 warning when setting an option Display a warning when libcurl returns an error when setting an option. This can be useful to tell when support for a particular feature hasn't been compiled into the library. 18.7 warning when sending binary output to terminal Provide a way that prompts the user for confirmation before binary data is sent to the terminal, much in the style 'less' does it. 18.8 offer color-coded HTTP header output By offering different color output on the header name and the header contents, they could be made more readable and thus help users working on HTTP services. 18.9 Choose the name of file in braces for complex URLs When using braces to download a list of URLs and you use complicated names in the list of alternatives, it could be handy to allow curl to use other names when saving. Consider a way to offer that. Possibly like {partURL1:name1,partURL2:name2,partURL3:name3} where the name following the colon is the output name. See https://github.com/curl/curl/issues/221 18.10 improve how curl works in a windows console window If you pull the scrollbar when transferring with curl in a Windows console window, the transfer is interrupted and can get disconnected. This can probably be improved. See https://github.com/curl/curl/issues/322 18.11 -w output to stderr -w is quite useful, but not to those of us who use curl without -o or -O (such as for scripting through a higher level language). It would be nice to have an option that is exactly like -w but sends it to stderr instead. Proposed name: --write-stderr. See https://github.com/curl/curl/issues/613 18.12 keep running, read instructions from pipe/socket Provide an option that makes curl not exit after the last URL (or even work without a given URL), and then make it read instructions passed on a pipe or over a socket to make further instructions so that a second subsequent curl invoke can talk to the still running instance and ask for transfers to get done, and thus maintain its connection pool, DNS cache and more. 18.13 support metalink in http headers Curl has support for downloading a metalink xml file, processing it, and then downloading the target of the metalink. This is done via the --metalink option. It would be nice if metalink also supported downloading via metalink information that is stored in HTTP headers (RFC 6249). Theoretically this could also be supported with the --metalink option. See https://tools.ietf.org/html/rfc6249 See also https://lists.gnu.org/archive/html/bug-wget/2015-06/msg00034.html for an implematation of this in wget. 18.14 --fail without --location should treat 3xx as a failure To allow a command line like this to detect a redirect and consider it a failure: curl -v --fail -O https://example.com/curl-7.48.0.tar.gz ... --fail must treat 3xx responses as failures too. The least problematic way to implement this is probably to add that new logic in the command line tool only and not in the underlying CURLOPT_FAILONERROR logic. 18.15 --retry should resume When --retry is used and curl actually retries transfer, it should use the already transfered data and do a resumed transfer for the rest (when possible) so that it doesn't have to transfer the same data again that was already tranfered before the retry. See https://github.com/curl/curl/issues/1084 18.16 send only part of --data When the user only wants to send a small piece of the data provided with --data or --data-binary, like when that data is a huge file, consider a way to specify that curl should only send a piece of that. One suggested syntax would be: "--data-binary @largefile.zip!1073741823-2147483647". See https://github.com/curl/curl/issues/1200 18.17 consider file name from the redirected URL with -O ? When a user gives a URL and uses -O, and curl follows a redirect to a new URL, the file name is not extracted and used from the newly redirected-to URL even if the new URL may have a much more sensible file name. This is clearly documented and helps for security since there's no surprise to users which file name that might get overwritten. But maybe a new option could allow for this or maybe -J should imply such a treatment as well as -J already allows for the server to decide what file name to use so it already provides the "may overwrite any file" risk. This is extra tricky if the original URL has no file name part at all since then the current code path will error out with an error message, and we can't *know* already at that point if curl will be redirected to a URL that has a file name... See https://github.com/curl/curl/issues/1241 19. Build 19.1 roffit Consider extending 'roffit' to produce decent ASCII output, and use that instead of (g)nroff when building src/tool_hugehelp.c 19.2 Enable PIE and RELRO by default Especially when having programs that execute curl via the command line, PIE renders the exploitation of memory corruption vulnerabilities a lot more difficult. This can be attributed to the additional information leaks being required to conduct a successful attack. RELRO, on the other hand, masks different binary sections like the GOT as read-only and thus kills a handful of techniques that come in handy when attackers are able to arbitrarily overwrite memory. A few tests showed that enabling these features had close to no impact, neither on the performance nor on the general functionality of curl. 20. Test suite 20.1 SSL tunnel Make our own version of stunnel for simple port forwarding to enable HTTPS and FTP-SSL tests without the stunnel dependency, and it could allow us to provide test tools built with either OpenSSL or GnuTLS 20.2 nicer lacking perl message If perl wasn't found by the configure script, don't attempt to run the tests but explain something nice why it doesn't. 20.3 more protocols supported Extend the test suite to include more protocols. The telnet could just do FTP or http operations (for which we have test servers). 20.4 more platforms supported Make the test suite work on more platforms. OpenBSD and Mac OS. Remove fork()s and it should become even more portable. 20.5 Add support for concurrent connections Tests 836, 882 and 938 were designed to verify that separate connections aren't used when using different login credentials in protocols that shouldn't re-use a connection under such circumstances. Unfortunately, ftpserver.pl doesn't appear to support multiple concurrent connections. The read while() loop seems to loop until it receives a disconnect from the client, where it then enters the waiting for connections loop. When the client opens a second connection to the server, the first connection hasn't been dropped (unless it has been forced - which we shouldn't do in these tests) and thus the wait for connections loop is never entered to receive the second connection. 20.6 Use the RFC6265 test suite A test suite made for HTTP cookies (RFC 6265) by Adam Barth is available at https://github.com/abarth/http-state/tree/master/tests It'd be really awesome if someone would write a script/setup that would run curl with that test suite and detect deviances. Ideally, that would even be incorporated into our regular test suite. 21. Next SONAME bump 21.1 http-style HEAD output for FTP #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers from being output in NOBODY requests over FTP 21.2 combine error codes Combine some of the error codes to remove duplicates. The original numbering should not be changed, and the old identifiers would be macroed to the new ones in an CURL_NO_OLDIES section to help with backward compatibility. Candidates for removal and their replacements: CURLE_FILE_COULDNT_READ_FILE => CURLE_REMOTE_FILE_NOT_FOUND CURLE_FTP_COULDNT_RETR_FILE => CURLE_REMOTE_FILE_NOT_FOUND CURLE_FTP_COULDNT_USE_REST => CURLE_RANGE_ERROR CURLE_FUNCTION_NOT_FOUND => CURLE_FAILED_INIT CURLE_LDAP_INVALID_URL => CURLE_URL_MALFORMAT CURLE_TFTP_NOSUCHUSER => CURLE_TFTP_ILLEGAL CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED 21.3 extend CURLOPT_SOCKOPTFUNCTION prototype The current prototype only provides 'purpose' that tells what the connection/socket is for, but not any protocol or similar. It makes it hard for applications to differentiate on TCP vs UDP and even HTTP vs FTP and similar. 22. Next major release 22.1 cleanup return codes curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a CURLMcode. These should be changed to be the same. 22.2 remove obsolete defines remove obsolete defines from curl/curl.h 22.3 size_t make several functions use size_t instead of int in their APIs 22.4 remove several functions remove the following functions from the public API: curl_getenv curl_mprintf (and variations) curl_strequal curl_strnequal They will instead become curlx_ - alternatives. That makes the curl app still capable of using them, by building with them from source. These functions have no purpose anymore: curl_multi_socket curl_multi_socket_all 22.5 remove CURLOPT_FAILONERROR Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird internally. Let the app judge success or not for itself. 22.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE Remove support for a global DNS cache. Anything global is silly, and we already offer the share interface for the same functionality but done "right". 22.7 remove progress meter from libcurl The internally provided progress meter output doesn't belong in the library. Basically no application wants it (apart from curl) but instead applications can and should do their own progress meters using the progress callback. The progress callback should then be bumped as well to get proper 64bit variable types passed to it instead of doubles so that big files work correctly. 22.8 remove 'curl_httppost' from public curl_formadd() was made to fill in a public struct, but the fact that the struct is public is never really used by application for their own advantage but instead often restricts how the form functions can or can't be modified. Changing them to return a private handle will benefit the implementation and allow us much greater freedoms while still maintaining a solid API and ABI. |
Added scriptlibs/softwareupdate/curl/docs/TheArtOfHttpScripting.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| The Art Of Scripting HTTP Requests Using Curl 1. HTTP Scripting 1.1 Background 1.2 The HTTP Protocol 1.3 See the Protocol 1.4 See the Timing 1.5 See the Response 2. URL 2.1 Spec 2.2 Host 2.3 Port number 2.4 User name and password 2.5 Path part 3. Fetch a page 3.1 GET 3.2 HEAD 3.3 Multiple URLs in a single command line 3.4 Multiple HTTP methods in a single command line 4. HTML forms 4.1 Forms explained 4.2 GET 4.3 POST 4.4 File Upload POST 4.5 Hidden Fields 4.6 Figure Out What A POST Looks Like 5. HTTP upload 5.1 PUT 6. HTTP Authentication 6.1 Basic Authentication 6.2 Other Authentication 6.3 Proxy Authentication 6.4 Hiding credentials 7. More HTTP Headers 7.1 Referer 7.2 User Agent 8. Redirects 8.1 Location header 8.2 Other redirects 9. Cookies 9.1 Cookie Basics 9.2 Cookie options 10. HTTPS 10.1 HTTPS is HTTP secure 10.2 Certificates 11. Custom Request Elements 11.1 Modify method and headers 11.2 More on changed methods 12. Web Login 12.1 Some login tricks 13. Debug 13.1 Some debug tricks 14. References 14.1 Standards 14.2 Sites ============================================================================== 1. HTTP Scripting 1.1 Background This document assumes that you're familiar with HTML and general networking. The increasing amount of applications moving to the web has made "HTTP Scripting" more frequently requested and wanted. To be able to automatically extract information from the web, to fake users, to post or upload data to web servers are all important tasks today. Curl is a command line tool for doing all sorts of URL manipulations and transfers, but this particular document will focus on how to use it when doing HTTP requests for fun and profit. I'll assume that you know how to invoke 'curl --help' or 'curl --manual' to get basic information about it. Curl is not written to do everything for you. It makes the requests, it gets the data, it sends data and it retrieves the information. You probably need to glue everything together using some kind of script language or repeated manual invokes. 1.2 The HTTP Protocol HTTP is the protocol used to fetch data from web servers. It is a very simple protocol that is built upon TCP/IP. The protocol also allows information to get sent to the server from the client using a few different methods, as will be shown here. HTTP is plain ASCII text lines being sent by the client to a server to request a particular action, and then the server replies a few text lines before the actual requested content is sent to the client. The client, curl, sends a HTTP request. The request contains a method (like GET, POST, HEAD etc), a number of request headers and sometimes a request body. The HTTP server responds with a status line (indicating if things went well), response headers and most often also a response body. The "body" part is the plain data you requested, like the actual HTML or the image etc. 1.3 See the Protocol Using curl's option --verbose (-v as a short option) will display what kind of commands curl sends to the server, as well as a few other informational texts. --verbose is the single most useful option when it comes to debug or even understand the curl<->server interaction. Sometimes even --verbose is not enough. Then --trace and --trace-ascii offer even more details as they show EVERYTHING curl sends and receives. Use it like this: curl --trace-ascii debugdump.txt http://www.example.com/ 1.4 See the Timing Many times you may wonder what exactly is taking all the time, or you just want to know the amount of milliseconds between two points in a transfer. For those, and other similar situations, the --trace-time option is what you need. It'll prepend the time to each trace output line: curl --trace-ascii d.txt --trace-time http://example.com/ 1.5 See the Response By default curl sends the response to stdout. You need to redirect it somewhere to avoid that, most often that is done with -o or -O. 2. URL 2.1 Spec The Uniform Resource Locator format is how you specify the address of a particular resource on the Internet. You know these, you've seen URLs like https://curl.haxx.se or https://yourbank.com a million times. RFC 3986 is the canonical spec. And yeah, the formal name is not URL, it is URI. 2.2 Host The host name is usually resolved using DNS or your /etc/hosts file to an IP address and that's what curl will communicate with. Alternatively you specify the IP address directly in the URL instead of a name. For development and other trying out situations, you can point to a different IP address for a host name than what would otherwise be used, by using curl's --resolve option: curl --resolve www.example.org:80:127.0.0.1 http://www.example.org/ 2.3 Port number Each protocol curl supports operates on a default port number, be it over TCP or in some cases UDP. Normally you don't have to take that into consideration, but at times you run test servers on other ports or similar. Then you can specify the port number in the URL with a colon and a number immediately following the host name. Like when doing HTTP to port 1234: curl http://www.example.org:1234/ The port number you specify in the URL is the number that the server uses to offer its services. Sometimes you may use a local proxy, and then you may need to specify that proxy's port number separately for what curl needs to connect to locally. Like when using a HTTP proxy on port 4321: curl --proxy http://proxy.example.org:4321 http://remote.example.org/ 2.4 User name and password Some services are setup to require HTTP authentication and then you need to provide name and password which is then transferred to the remote site in various ways depending on the exact authentication protocol used. You can opt to either insert the user and password in the URL or you can provide them separately: curl http://user:password@example.org/ or curl -u user:password http://example.org/ You need to pay attention that this kind of HTTP authentication is not what is usually done and requested by user-oriented web sites these days. They tend to use forms and cookies instead. 2.5 Path part The path part is just sent off to the server to request that it sends back the associated response. The path is what is to the right side of the slash that follows the host name and possibly port number. 3. Fetch a page 3.1 GET The simplest and most common request/operation made using HTTP is to GET a URL. The URL could itself refer to a web page, an image or a file. The client issues a GET request to the server and receives the document it asked for. If you issue the command line curl https://curl.haxx.se you get a web page returned in your terminal window. The entire HTML document that that URL holds. All HTTP replies contain a set of response headers that are normally hidden, use curl's --include (-i) option to display them as well as the rest of the document. 3.2 HEAD You can ask the remote server for ONLY the headers by using the --head (-I) option which will make curl issue a HEAD request. In some special cases servers deny the HEAD method while others still work, which is a particular kind of annoyance. The HEAD method is defined and made so that the server returns the headers exactly the way it would do for a GET, but without a body. It means that you may see a Content-Length: in the response headers, but there must not be an actual body in the HEAD response. 3.3 Multiple URLs in a single command line A single curl command line may involve one or many URLs. The most common case is probably to just use one, but you can specify any amount of URLs. Yes any. No limits. You'll then get requests repeated over and over for all the given URLs. Example, send two GETs: curl http://url1.example.com http://url2.example.com If you use --data to POST to the URL, using multiple URLs means that you send that same POST to all the given URLs. Example, send two POSTs: curl --data name=curl http://url1.example.com http://url2.example.com 3.4 Multiple HTTP methods in a single command line Sometimes you need to operate on several URLs in a single command line and do different HTTP methods on each. For this, you'll enjoy the --next option. It is basically a separator that separates a bunch of options from the next. All the URLs before --next will get the same method and will get all the POST data merged into one. When curl reaches the --next on the command line, it'll sort of reset the method and the POST data and allow a new set. Perhaps this is best shown with a few examples. To send first a HEAD and then a GET: curl -I http://example.com --next http://example.com To first send a POST and then a GET: curl -d score=10 http://example.com/post.cgi --next http://example.com/results.html 4. HTML forms 4.1 Forms explained Forms are the general way a web site can present a HTML page with fields for the user to enter data in, and then press some kind of 'OK' or 'Submit' button to get that data sent to the server. The server then typically uses the posted data to decide how to act. Like using the entered words to search in a database, or to add the info in a bug tracking system, display the entered address on a map or using the info as a login-prompt verifying that the user is allowed to see what it is about to see. Of course there has to be some kind of program on the server end to receive the data you send. You cannot just invent something out of the air. 4.2 GET A GET-form uses the method GET, as specified in HTML like: <form method="GET" action="junk.cgi"> <input type=text name="birthyear"> <input type=submit name=press value="OK"> </form> In your favorite browser, this form will appear with a text box to fill in and a press-button labeled "OK". If you fill in '1905' and press the OK button, your browser will then create a new URL to get for you. The URL will get "junk.cgi?birthyear=1905&press=OK" appended to the path part of the previous URL. If the original form was seen on the page "www.hotmail.com/when/birth.html", the second page you'll get will become "www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK". Most search engines work this way. To make curl do the GET form post for you, just enter the expected created URL: curl "http://www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK" 4.3 POST The GET method makes all input field names get displayed in the URL field of your browser. That's generally a good thing when you want to be able to bookmark that page with your given data, but it is an obvious disadvantage if you entered secret information in one of the fields or if there are a large amount of fields creating a very long and unreadable URL. The HTTP protocol then offers the POST method. This way the client sends the data separated from the URL and thus you won't see any of it in the URL address field. The form would look very similar to the previous one: <form method="POST" action="junk.cgi"> <input type=text name="birthyear"> <input type=submit name=press value=" OK "> </form> And to use curl to post this form with the same data filled in as before, we could do it like: curl --data "birthyear=1905&press=%20OK%20" \ http://www.example.com/when.cgi This kind of POST will use the Content-Type application/x-www-form-urlencoded and is the most widely used POST kind. The data you send to the server MUST already be properly encoded, curl will not do that for you. For example, if you want the data to contain a space, you need to replace that space with %20 etc. Failing to comply with this will most likely cause your data to be received wrongly and messed up. Recent curl versions can in fact url-encode POST data for you, like this: curl --data-urlencode "name=I am Daniel" http://www.example.com If you repeat --data several times on the command line, curl will concatenate all the given data pieces - and put a '&' symbol between each data segment. 4.4 File Upload POST Back in late 1995 they defined an additional way to post data over HTTP. It is documented in the RFC 1867, why this method sometimes is referred to as RFC1867-posting. This method is mainly designed to better support file uploads. A form that allows a user to upload a file could be written like this in HTML: <form method="POST" enctype='multipart/form-data' action="upload.cgi"> <input type=file name=upload> <input type=submit name=press value="OK"> </form> This clearly shows that the Content-Type about to be sent is multipart/form-data. To post to a form like this with curl, you enter a command line like: curl --form upload=@localfilename --form press=OK [URL] 4.5 Hidden Fields A very common way for HTML based applications to pass state information between pages is to add hidden fields to the forms. Hidden fields are already filled in, they aren't displayed to the user and they get passed along just as all the other fields. A similar example form with one visible field, one hidden field and one submit button could look like: <form method="POST" action="foobar.cgi"> <input type=text name="birthyear"> <input type=hidden name="person" value="daniel"> <input type=submit name="press" value="OK"> </form> To POST this with curl, you won't have to think about if the fields are hidden or not. To curl they're all the same: curl --data "birthyear=1905&press=OK&person=daniel" [URL] 4.6 Figure Out What A POST Looks Like When you're about fill in a form and send to a server by using curl instead of a browser, you're of course very interested in sending a POST exactly the way your browser does. An easy way to get to see this, is to save the HTML page with the form on your local disk, modify the 'method' to a GET, and press the submit button (you could also change the action URL if you want to). You will then clearly see the data get appended to the URL, separated with a '?'-letter as GET forms are supposed to. 5. HTTP upload 5.1 PUT Perhaps the best way to upload data to a HTTP server is to use PUT. Then again, this of course requires that someone put a program or script on the server end that knows how to receive a HTTP PUT stream. Put a file to a HTTP server with curl: curl --upload-file uploadfile http://www.example.com/receive.cgi 6. HTTP Authentication 6.1 Basic Authentication HTTP Authentication is the ability to tell the server your username and password so that it can verify that you're allowed to do the request you're doing. The Basic authentication used in HTTP (which is the type curl uses by default) is *plain* *text* based, which means it sends username and password only slightly obfuscated, but still fully readable by anyone that sniffs on the network between you and the remote server. To tell curl to use a user and password for authentication: curl --user name:password http://www.example.com 6.2 Other Authentication The site might require a different authentication method (check the headers returned by the server), and then --ntlm, --digest, --negotiate or even --anyauth might be options that suit you. 6.3 Proxy Authentication Sometimes your HTTP access is only available through the use of a HTTP proxy. This seems to be especially common at various companies. A HTTP proxy may require its own user and password to allow the client to get through to the Internet. To specify those with curl, run something like: curl --proxy-user proxyuser:proxypassword curl.haxx.se If your proxy requires the authentication to be done using the NTLM method, use --proxy-ntlm, if it requires Digest use --proxy-digest. If you use any one of these user+password options but leave out the password part, curl will prompt for the password interactively. 6.4 Hiding credentials Do note that when a program is run, its parameters might be possible to see when listing the running processes of the system. Thus, other users may be able to watch your passwords if you pass them as plain command line options. There are ways to circumvent this. It is worth noting that while this is how HTTP Authentication works, very many web sites will not use this concept when they provide logins etc. See the Web Login chapter further below for more details on that. 7. More HTTP Headers 7.1 Referer A HTTP request may include a 'referer' field (yes it is misspelled), which can be used to tell from which URL the client got to this particular resource. Some programs/scripts check the referer field of requests to verify that this wasn't arriving from an external site or an unknown page. While this is a stupid way to check something so easily forged, many scripts still do it. Using curl, you can put anything you want in the referer-field and thus more easily be able to fool the server into serving your request. Use curl to set the referer field with: curl --referer http://www.example.come http://www.example.com 7.2 User Agent Very similar to the referer field, all HTTP requests may set the User-Agent field. It names what user agent (client) that is being used. Many applications use this information to decide how to display pages. Silly web programmers try to make different pages for users of different browsers to make them look the best possible for their particular browsers. They usually also do different kinds of javascript, vbscript etc. At times, you will see that getting a page with curl will not return the same page that you see when getting the page with your browser. Then you know it is time to set the User Agent field to fool the server into thinking you're one of those browsers. To make curl look like Internet Explorer 5 on a Windows 2000 box: curl --user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" [URL] Or why not look like you're using Netscape 4.73 on an old Linux box: curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL] 8. Redirects 8.1 Location header When a resource is requested from a server, the reply from the server may include a hint about where the browser should go next to find this page, or a new page keeping newly generated output. The header that tells the browser to redirect is Location:. Curl does not follow Location: headers by default, but will simply display such pages in the same manner it displays all HTTP replies. It does however feature an option that will make it attempt to follow the Location: pointers. To tell curl to follow a Location: curl --location http://www.example.com If you use curl to POST to a site that immediately redirects you to another page, you can safely use --location (-L) and --data/--form together. Curl will only use POST in the first request, and then revert to GET in the following operations. 8.2 Other redirects Browser typically support at least two other ways of redirects that curl doesn't: first the html may contain a meta refresh tag that asks the browser to load a specific URL after a set number of seconds, or it may use javascript to do it. 9. Cookies 9.1 Cookie Basics The way the web browsers do "client side state control" is by using cookies. Cookies are just names with associated contents. The cookies are sent to the client by the server. The server tells the client for what path and host name it wants the cookie sent back, and it also sends an expiration date and a few more properties. When a client communicates with a server with a name and path as previously specified in a received cookie, the client sends back the cookies and their contents to the server, unless of course they are expired. Many applications and servers use this method to connect a series of requests into a single logical session. To be able to use curl in such occasions, we must be able to record and send back cookies the way the web application expects them. The same way browsers deal with them. 9.2 Cookie options The simplest way to send a few cookies to the server when getting a page with curl is to add them on the command line like: curl --cookie "name=Daniel" http://www.example.com Cookies are sent as common HTTP headers. This is practical as it allows curl to record cookies simply by recording headers. Record cookies with curl by using the --dump-header (-D) option like: curl --dump-header headers_and_cookies http://www.example.com (Take note that the --cookie-jar option described below is a better way to store cookies.) Curl has a full blown cookie parsing engine built-in that comes in use if you want to reconnect to a server and use cookies that were stored from a previous connection (or hand-crafted manually to fool the server into believing you had a previous connection). To use previously stored cookies, you run curl like: curl --cookie stored_cookies_in_file http://www.example.com Curl's "cookie engine" gets enabled when you use the --cookie option. If you only want curl to understand received cookies, use --cookie with a file that doesn't exist. Example, if you want to let curl understand cookies from a page and follow a location (and thus possibly send back cookies it received), you can invoke it like: curl --cookie nada --location http://www.example.com Curl has the ability to read and write cookie files that use the same file format that Netscape and Mozilla once used. It is a convenient way to share cookies between scripts or invokes. The --cookie (-b) switch automatically detects if a given file is such a cookie file and parses it, and by using the --cookie-jar (-c) option you'll make curl write a new cookie file at the end of an operation: curl --cookie cookies.txt --cookie-jar newcookies.txt \ http://www.example.com 10. HTTPS 10.1 HTTPS is HTTP secure There are a few ways to do secure HTTP transfers. By far the most common protocol for doing this is what is generally known as HTTPS, HTTP over SSL. SSL encrypts all the data that is sent and received over the network and thus makes it harder for attackers to spy on sensitive information. SSL (or TLS as the latest version of the standard is called) offers a truckload of advanced features to allow all those encryptions and key infrastructure mechanisms encrypted HTTP requires. Curl supports encrypted fetches when built to use a TLS library and it can be built to use one out of a fairly large set of libraries - "curl -V" will show which one your curl was built to use (if any!). To get a page from a HTTPS server, simply run curl like: curl https://secure.example.com 10.2 Certificates In the HTTPS world, you use certificates to validate that you are the one you claim to be, as an addition to normal passwords. Curl supports client- side certificates. All certificates are locked with a pass phrase, which you need to enter before the certificate can be used by curl. The pass phrase can be specified on the command line or if not, entered interactively when curl queries for it. Use a certificate with curl on a HTTPS server like: curl --cert mycert.pem https://secure.example.com curl also tries to verify that the server is who it claims to be, by verifying the server's certificate against a locally stored CA cert bundle. Failing the verification will cause curl to deny the connection. You must then use --insecure (-k) in case you want to tell curl to ignore that the server can't be verified. More about server certificate verification and ca cert bundles can be read in the SSLCERTS document, available online here: https://curl.haxx.se/docs/sslcerts.html At times you may end up with your own CA cert store and then you can tell curl to use that to verify the server's certificate: curl --cacert ca-bundle.pem https://example.com/ 11. Custom Request Elements 11.1 Modify method and headers Doing fancy stuff, you may need to add or change elements of a single curl request. For example, you can change the POST request to a PROPFIND and send the data as "Content-Type: text/xml" (instead of the default Content-Type) like this: curl --data "<xml>" --header "Content-Type: text/xml" \ --request PROPFIND url.com You can delete a default header by providing one without content. Like you can ruin the request by chopping off the Host: header: curl --header "Host:" http://www.example.com You can add headers the same way. Your server may want a "Destination:" header, and you can add it: curl --header "Destination: http://nowhere" http://example.com 11.2 More on changed methods It should be noted that curl selects which methods to use on its own depending on what action to ask for. -d will do POST, -I will do HEAD and so on. If you use the --request / -X option you can change the method keyword curl selects, but you will not modify curl's behavior. This means that if you for example use -d "data" to do a POST, you can modify the method to a PROPFIND with -X and curl will still think it sends a POST. You can change the normal GET to a POST method by simply adding -X POST in a command line like: curl -X POST http://example.org/ ... but curl will still think and act as if it sent a GET so it won't send any request body etc. 12. Web Login 12.1 Some login tricks While not strictly just HTTP related, it still causes a lot of people problems so here's the executive run-down of how the vast majority of all login forms work and how to login to them using curl. It can also be noted that to do this properly in an automated fashion, you will most certainly need to script things and do multiple curl invokes etc. First, servers mostly use cookies to track the logged-in status of the client, so you will need to capture the cookies you receive in the responses. Then, many sites also set a special cookie on the login page (to make sure you got there through their login page) so you should make a habit of first getting the login-form page to capture the cookies set there. Some web-based login systems feature various amounts of javascript, and sometimes they use such code to set or modify cookie contents. Possibly they do that to prevent programmed logins, like this manual describes how to... Anyway, if reading the code isn't enough to let you repeat the behavior manually, capturing the HTTP requests done by your browsers and analyzing the sent cookies is usually a working method to work out how to shortcut the javascript need. In the actual <form> tag for the login, lots of sites fill-in random/session or otherwise secretly generated hidden tags and you may need to first capture the HTML code for the login form and extract all the hidden fields to be able to do a proper login POST. Remember that the contents need to be URL encoded when sent in a normal POST. 13. Debug 13.1 Some debug tricks Many times when you run curl on a site, you'll notice that the site doesn't seem to respond the same way to your curl requests as it does to your browser's. Then you need to start making your curl requests more similar to your browser's requests: * Use the --trace-ascii option to store fully detailed logs of the requests for easier analyzing and better understanding * Make sure you check for and use cookies when needed (both reading with --cookie and writing with --cookie-jar) * Set user-agent to one like a recent popular browser does * Set referer like it is set by the browser * If you use POST, make sure you send all the fields and in the same order as the browser does it. A very good helper to make sure you do this right, is the LiveHTTPHeader tool that lets you view all headers you send and receive with Mozilla/Firefox (even when using HTTPS). Chrome features similar functionality out of the box among the developer's tools. A more raw approach is to capture the HTTP traffic on the network with tools such as ethereal or tcpdump and check what headers that were sent and received by the browser. (HTTPS makes this technique inefficient.) 14. References 14.1 Standards RFC 7230 is a must to read if you want in-depth understanding of the HTTP protocol RFC 3986 explains the URL syntax RFC 1867 defines the HTTP post upload format RFC 6525 defines how HTTP cookies work 14.2 Sites https://curl.haxx.se is the home of the curl project |
Added scriptlibs/softwareupdate/curl/docs/VERSIONS.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 | Version Numbers and Releases ============================ Curl is not only curl. Curl is also libcurl. They're actually individually versioned, but they mostly follow each other rather closely. The version numbering is always built up using the same system: X.Y.Z - X is main version number - Y is release number - Z is patch number ## Bumping numbers One of these numbers will get bumped in each new release. The numbers to the right of a bumped number will be reset to zero. If Z is zero, it may not be included in the version number. The main version number will get bumped when *really* big, world colliding changes are made. The release number is bumped when changes are performed or things/features are added. The patch number is bumped when the changes are mere bugfixes. It means that after release 1.2.3, we can release 2.0 if something really big has been made, 1.3 if not that big changes were made or 1.2.4 if mostly bugs were fixed. Bumping, as in increasing the number with 1, is unconditionally only affecting one of the numbers (except the ones to the right of it, that may be set to zero). 1 becomes 2, 3 becomes 4, 9 becomes 10, 88 becomes 89 and 99 becomes 100. So, after 1.2.9 comes 1.2.10. After 3.99.3, 3.100 might come. All original curl source release archives are named according to the libcurl version (not according to the curl client version that, as said before, might differ). As a service to any application that might want to support new libcurl features while still being able to build with older versions, all releases have the libcurl version stored in the curl/curlver.h file using a static numbering scheme that can be used for comparison. The version number is defined as: #define LIBCURL_VERSION_NUM 0xXXYYZZ Where XX, YY and ZZ are the main version, release and patch numbers in hexadecimal. All three number fields are always represented using two digits (eight bits each). 1.2 would appear as "0x010200" while version 9.11.7 appears as "0x090b07". This 6-digit hexadecimal number is always a greater number in a more recent release. It makes comparisons with greater than and less than work. This number is also available as three separate defines: `LIBCURL_VERSION_MAJOR`, `LIBCURL_VERSION_MINOR` and `LIBCURL_VERSION_PATCH`. |
Added scriptlibs/softwareupdate/curl/docs/libcurl/ABI.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 | ABI - Application Binary Interface ================================== "ABI" describes the low-level interface between an application program and a library. Calling conventions, function arguments, return values, struct sizes/defines and more. [Wikipedia has a longer description](https://en.wikipedia.org/wiki/Application_binary_interface) Upgrades -------- In the vast majority of all cases, a typical libcurl upgrade does not break the ABI at all. Your application can remain using libcurl just as before, only with less bugs and possibly with added new features. You need to read the release notes, and if they mention an ABI break/soname bump, you may have to verify that your application still builds fine and uses libcurl as it now is defined to work. Version Numbers --------------- In libcurl land, you really can't tell by the libcurl version number if that libcurl is binary compatible or not with another libcurl version. Soname Bumps ------------ Whenever there are changes done to the library that will cause an ABI breakage, that may require your application to get attention or possibly be changed to adhere to new things, we will bump the soname. Then the library will get a different output name and thus can in fact be installed in parallel with an older installed lib (on most systems). Thus, old applications built against the previous ABI version will remain working and using the older lib, while newer applications build and use the newer one. During the first seven years of libcurl releases, there have only been four ABI breakages. We are determined to bump the SONAME as rarely as possible. Ideally, we never do it again. Downgrades ---------- Going to an older libcurl version from one you're currently using can be a tricky thing. Mostly we add features and options to newer libcurls as that won't break ABI or hamper existing applications. This has the implication that going backwards may get you in a situation where you pick a libcurl that doesn't support the options your application needs. Or possibly you even downgrade so far so you cross an ABI break border and thus a different soname, and then your application may need to adapt to the modified ABI. History ------- The previous major library soname number bumps (breaking backwards compatibility) have happened the following times: 0 - libcurl 7.1, August 2000 1 - libcurl 7.5 December 2000 2 - libcurl 7.7 March 2001 3 - libcurl 7.12.0 June 2004 4 - libcurl 7.16.0 October 2006 |
Added scriptlibs/softwareupdate/curl/docs/libcurl/index.html.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Index to libcurl documentation</title> </head> <body> <h1 align="center">Index to libcurl documentation</h1> <h2>Programs</h2> <p><a href="../index.html">curl and tools</a> <h2>Overviews</h2> <A HREF="libcurl.html">libcurl</A> <br><a href="libcurl-easy.html">libcurl-easy</a> <br><a href="libcurl-multi.html">libcurl-multi</a> <br><a href="libcurl-share.html">libcurl-share</a> <br><a href="libcurl-errors.html">libcurl-errors</a> <br><a href="libcurl-tutorial.html">libcurl-tutorial</a> <br><a href="libcurl-thread.html">libcurl-thread</a> <H2>Library Functions (A-Z)</H2> <a href="curl_easy_cleanup.html">curl_easy_cleanup</A> <br><a href="curl_easy_duphandle.html">curl_easy_duphandle</A> <br><a href="curl_easy_escape.html">curl_easy_escape</A> <br><a href="curl_easy_getinfo.html">curl_easy_getinfo</A> <br><a href="curl_easy_init.html">curl_easy_init</A> <br><a href="curl_easy_pause.html">curl_easy_pause</A> <br><a href="curl_easy_perform.html">curl_easy_perform</A> <br><a href="curl_easy_recv.html">curl_easy_recv</A> <br><a href="curl_easy_reset.html">curl_easy_reset</A> <br><a href="curl_easy_send.html">curl_easy_send</A> <br><a href="curl_easy_setopt.html">curl_easy_setopt</A> <br><a href="curl_easy_strerror.html">curl_easy_strerror</A> <br><a href="curl_easy_unescape.html">curl_easy_unescape</A> <br><a href="curl_escape.html">curl_escape</A> (deprecated) <br><a href="curl_formadd.html">curl_formadd</A> <br><a href="curl_formfree.html">curl_formfree</A> <br><a href="curl_formget.html">curl_formget</A> <br><a href="curl_free.html">curl_free</A> <br><a href="curl_getdate.html">curl_getdate</A> <br><a href="curl_getenv.html">curl_getenv</A> (deprecated) <br><a href="curl_global_cleanup.html">curl_global_cleanup</A> <br><a href="curl_global_init.html">curl_global_init</A> <br><a href="curl_global_init_mem.html">curl_global_init_mem</A> <br><a href="curl_mprintf.html">curl_mprintf</A> (deprecated) <br><a href="curl_multi_add_handle.html">curl_multi_add_handle</a> <br><a href="curl_multi_assign.html">curl_multi_assign</a> <br><a href="curl_multi_cleanup.html">curl_multi_cleanup</a> <br><a href="curl_multi_fdset.html">curl_multi_fdset</a> <br><a href="curl_multi_info_read.html">curl_multi_info_read</a> <br><a href="curl_multi_init.html">curl_multi_init</a> <br><a href="curl_multi_perform.html">curl_multi_perform</a> <br><a href="curl_multi_remove_handle.html">curl_multi_remove_handle</a> <br><a href="curl_multi_setopt.html">curl_multi_setopt</a> <br><a href="curl_multi_socket.html">curl_multi_socket</a> (deprecated) <br><a href="curl_multi_socket_action.html">curl_multi_socket_action</a> <br><a href="curl_multi_strerror.html">curl_multi_strerror</a> <br><a href="curl_multi_timeout.html">curl_multi_timeout</a> (deprecated) <br><a href="curl_share_cleanup.html">curl_share_cleanup</A> <br><a href="curl_share_init.html">curl_share_init</A> <br><a href="curl_share_setopt.html">curl_share_setopt</A> <br><a href="curl_share_strerror.html">curl_share_strerror</a> <br><a href="curl_slist_append.html">curl_slist_append</A> <br><a href="curl_slist_free_all.html">curl_slist_free_all</A> <br><a href="curl_strequal.html">curl_strequal and curl_strnequal</A> <br><a href="curl_unescape.html">curl_unescape</A> (deprecated) <br><a href="curl_version.html">curl_version</A> <br><a href="curl_version_info.html">curl_version_info</A> </body></html> |
Added scriptlibs/softwareupdate/curl/docs/libcurl/symbols-in-versions.txt.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 | _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | | (__| |_| | _ <| |___ \___|\___/|_| \_\_____| This document lists defines and other symbols present in libcurl, together with exact information about the first libcurl version that provides the symbol, the first version in which the symbol was marked as deprecated and for a few symbols the last version that featured it. The names appear in alphabetical order. Name Introduced Deprecated Removed CURLAUTH_ANY 7.10.6 CURLAUTH_ANYSAFE 7.10.6 CURLAUTH_BASIC 7.10.6 CURLAUTH_DIGEST 7.10.6 CURLAUTH_DIGEST_IE 7.19.3 CURLAUTH_GSSNEGOTIATE 7.10.6 7.38.0 CURLAUTH_NEGOTIATE 7.38.0 CURLAUTH_NONE 7.10.6 CURLAUTH_NTLM 7.10.6 CURLAUTH_NTLM_WB 7.22.0 CURLAUTH_ONLY 7.21.3 CURLCLOSEPOLICY_CALLBACK 7.7 CURLCLOSEPOLICY_LEAST_RECENTLY_USED 7.7 CURLCLOSEPOLICY_LEAST_TRAFFIC 7.7 CURLCLOSEPOLICY_NONE 7.7 CURLCLOSEPOLICY_OLDEST 7.7 CURLCLOSEPOLICY_SLOWEST 7.7 CURLE_ABORTED_BY_CALLBACK 7.1 CURLE_AGAIN 7.18.2 CURLE_ALREADY_COMPLETE 7.7.2 CURLE_BAD_CALLING_ORDER 7.1 7.17.0 CURLE_BAD_CONTENT_ENCODING 7.10 CURLE_BAD_DOWNLOAD_RESUME 7.10 CURLE_BAD_FUNCTION_ARGUMENT 7.1 CURLE_BAD_PASSWORD_ENTERED 7.4.2 7.17.0 CURLE_CHUNK_FAILED 7.21.0 CURLE_CONV_FAILED 7.15.4 CURLE_CONV_REQD 7.15.4 CURLE_COULDNT_CONNECT 7.1 CURLE_COULDNT_RESOLVE_HOST 7.1 CURLE_COULDNT_RESOLVE_PROXY 7.1 CURLE_FAILED_INIT 7.1 CURLE_FILESIZE_EXCEEDED 7.10.8 CURLE_FILE_COULDNT_READ_FILE 7.1 CURLE_FTP_ACCEPT_FAILED 7.24.0 CURLE_FTP_ACCEPT_TIMEOUT 7.24.0 CURLE_FTP_ACCESS_DENIED 7.1 CURLE_FTP_BAD_DOWNLOAD_RESUME 7.1 7.1 CURLE_FTP_BAD_FILE_LIST 7.21.0 CURLE_FTP_CANT_GET_HOST 7.1 CURLE_FTP_CANT_RECONNECT 7.1 7.17.0 CURLE_FTP_COULDNT_GET_SIZE 7.1 7.17.0 CURLE_FTP_COULDNT_RETR_FILE 7.1 CURLE_FTP_COULDNT_SET_ASCII 7.1 7.17.0 CURLE_FTP_COULDNT_SET_BINARY 7.1 7.17.0 CURLE_FTP_COULDNT_SET_TYPE 7.17.0 CURLE_FTP_COULDNT_STOR_FILE 7.1 CURLE_FTP_COULDNT_USE_REST 7.1 CURLE_FTP_PARTIAL_FILE 7.1 7.1 CURLE_FTP_PORT_FAILED 7.1 CURLE_FTP_PRET_FAILED 7.20.0 CURLE_FTP_QUOTE_ERROR 7.1 7.17.0 CURLE_FTP_SSL_FAILED 7.11.0 7.17.0 CURLE_FTP_USER_PASSWORD_INCORRECT 7.1 7.17.0 CURLE_FTP_WEIRD_227_FORMAT 7.1 CURLE_FTP_WEIRD_PASS_REPLY 7.1 CURLE_FTP_WEIRD_PASV_REPLY 7.1 CURLE_FTP_WEIRD_SERVER_REPLY 7.1 CURLE_FTP_WEIRD_USER_REPLY 7.1 7.17.0 CURLE_FTP_WRITE_ERROR 7.1 7.17.0 CURLE_FUNCTION_NOT_FOUND 7.1 CURLE_GOT_NOTHING 7.9.1 CURLE_HTTP2 7.38.0 CURLE_HTTP2_STREAM 7.49.0 CURLE_HTTP_NOT_FOUND 7.1 CURLE_HTTP_PORT_FAILED 7.3 7.12.0 CURLE_HTTP_POST_ERROR 7.1 CURLE_HTTP_RANGE_ERROR 7.1 7.17.0 CURLE_HTTP_RETURNED_ERROR 7.10.3 CURLE_INTERFACE_FAILED 7.12.0 CURLE_LDAP_CANNOT_BIND 7.1 CURLE_LDAP_INVALID_URL 7.10.8 CURLE_LDAP_SEARCH_FAILED 7.1 CURLE_LIBRARY_NOT_FOUND 7.1 7.17.0 CURLE_LOGIN_DENIED 7.13.1 CURLE_MALFORMAT_USER 7.1 7.17.0 CURLE_NOT_BUILT_IN 7.21.5 CURLE_NO_CONNECTION_AVAILABLE 7.30.0 CURLE_OK 7.1 CURLE_OPERATION_TIMEDOUT 7.10.2 CURLE_OPERATION_TIMEOUTED 7.1 7.17.0 CURLE_OUT_OF_MEMORY 7.1 CURLE_PARTIAL_FILE 7.1 CURLE_PEER_FAILED_VERIFICATION 7.17.1 CURLE_QUOTE_ERROR 7.17.0 CURLE_RANGE_ERROR 7.17.0 CURLE_READ_ERROR 7.1 CURLE_RECV_ERROR 7.10 CURLE_REMOTE_ACCESS_DENIED 7.17.0 CURLE_REMOTE_DISK_FULL 7.17.0 CURLE_REMOTE_FILE_EXISTS 7.17.0 CURLE_REMOTE_FILE_NOT_FOUND 7.16.1 CURLE_RTSP_CSEQ_ERROR 7.20.0 CURLE_RTSP_SESSION_ERROR 7.20.0 CURLE_SEND_ERROR 7.10 CURLE_SEND_FAIL_REWIND 7.12.3 CURLE_SHARE_IN_USE 7.9.6 7.17.0 CURLE_SSH 7.16.1 CURLE_SSL_CACERT 7.10 CURLE_SSL_CACERT_BADFILE 7.16.0 CURLE_SSL_CERTPROBLEM 7.10 CURLE_SSL_CIPHER 7.10 CURLE_SSL_CONNECT_ERROR 7.1 CURLE_SSL_CRL_BADFILE 7.19.0 CURLE_SSL_ENGINE_INITFAILED 7.12.3 CURLE_SSL_ENGINE_NOTFOUND 7.9.3 CURLE_SSL_ENGINE_SETFAILED 7.9.3 CURLE_SSL_INVALIDCERTSTATUS 7.41.0 CURLE_SSL_ISSUER_ERROR 7.19.0 CURLE_SSL_PEER_CERTIFICATE 7.8 7.17.1 CURLE_SSL_PINNEDPUBKEYNOTMATCH 7.39.0 CURLE_SSL_SHUTDOWN_FAILED 7.16.1 CURLE_TELNET_OPTION_SYNTAX 7.7 CURLE_TFTP_DISKFULL 7.15.0 7.17.0 CURLE_TFTP_EXISTS 7.15.0 7.17.0 CURLE_TFTP_ILLEGAL 7.15.0 CURLE_TFTP_NOSUCHUSER 7.15.0 CURLE_TFTP_NOTFOUND 7.15.0 CURLE_TFTP_PERM 7.15.0 CURLE_TFTP_UNKNOWNID 7.15.0 CURLE_TOO_MANY_REDIRECTS 7.5 CURLE_UNKNOWN_OPTION 7.21.5 CURLE_UNKNOWN_TELNET_OPTION 7.7 CURLE_UNSUPPORTED_PROTOCOL 7.1 CURLE_UPLOAD_FAILED 7.16.3 CURLE_URL_MALFORMAT 7.1 CURLE_URL_MALFORMAT_USER 7.1 7.17.0 CURLE_USE_SSL_FAILED 7.17.0 CURLE_WEIRD_SERVER_REPLY 7.51.0 CURLE_WRITE_ERROR 7.1 CURLFILETYPE_DEVICE_BLOCK 7.21.0 CURLFILETYPE_DEVICE_CHAR 7.21.0 CURLFILETYPE_DIRECTORY 7.21.0 CURLFILETYPE_DOOR 7.21.0 CURLFILETYPE_FILE 7.21.0 CURLFILETYPE_NAMEDPIPE 7.21.0 CURLFILETYPE_SOCKET 7.21.0 CURLFILETYPE_SYMLINK 7.21.0 CURLFILETYPE_UNKNOWN 7.21.0 CURLFINFOFLAG_KNOWN_FILENAME 7.21.0 CURLFINFOFLAG_KNOWN_FILETYPE 7.21.0 CURLFINFOFLAG_KNOWN_GID 7.21.0 CURLFINFOFLAG_KNOWN_HLINKCOUNT 7.21.0 CURLFINFOFLAG_KNOWN_PERM 7.21.0 CURLFINFOFLAG_KNOWN_SIZE 7.21.0 CURLFINFOFLAG_KNOWN_TIME 7.21.0 CURLFINFOFLAG_KNOWN_UID 7.21.0 CURLFORM_ARRAY 7.9.1 CURLFORM_ARRAY_END 7.9.1 7.9.5 7.9.6 CURLFORM_ARRAY_START 7.9.1 7.9.5 7.9.6 CURLFORM_BUFFER 7.9.8 CURLFORM_BUFFERLENGTH 7.9.8 CURLFORM_BUFFERPTR 7.9.8 CURLFORM_CONTENTHEADER 7.9.3 CURLFORM_CONTENTLEN 7.46.0 CURLFORM_CONTENTSLENGTH 7.9 CURLFORM_CONTENTTYPE 7.9 CURLFORM_COPYCONTENTS 7.9 CURLFORM_COPYNAME 7.9 CURLFORM_END 7.9 CURLFORM_FILE 7.9 CURLFORM_FILECONTENT 7.9.1 CURLFORM_FILENAME 7.9.6 CURLFORM_NAMELENGTH 7.9 CURLFORM_NOTHING 7.9 CURLFORM_PTRCONTENTS 7.9 CURLFORM_PTRNAME 7.9 CURLFORM_STREAM 7.18.2 CURLFTPAUTH_DEFAULT 7.12.2 CURLFTPAUTH_SSL 7.12.2 CURLFTPAUTH_TLS 7.12.2 CURLFTPMETHOD_DEFAULT 7.15.3 CURLFTPMETHOD_MULTICWD 7.15.3 CURLFTPMETHOD_NOCWD 7.15.3 CURLFTPMETHOD_SINGLECWD 7.15.3 CURLFTPSSL_ALL 7.11.0 7.17.0 CURLFTPSSL_CCC_ACTIVE 7.16.2 CURLFTPSSL_CCC_NONE 7.16.2 CURLFTPSSL_CCC_PASSIVE 7.16.1 CURLFTPSSL_CONTROL 7.11.0 7.17.0 CURLFTPSSL_NONE 7.11.0 7.17.0 CURLFTPSSL_TRY 7.11.0 7.17.0 CURLFTP_CREATE_DIR 7.19.4 CURLFTP_CREATE_DIR_NONE 7.19.4 CURLFTP_CREATE_DIR_RETRY 7.19.4 CURLGSSAPI_DELEGATION_FLAG 7.22.0 CURLGSSAPI_DELEGATION_NONE 7.22.0 CURLGSSAPI_DELEGATION_POLICY_FLAG 7.22.0 CURLHEADER_SEPARATE 7.37.0 CURLHEADER_UNIFIED 7.37.0 CURLINFO_ACTIVESOCKET 7.45.0 CURLINFO_APPCONNECT_TIME 7.19.0 CURLINFO_CERTINFO 7.19.1 CURLINFO_CONDITION_UNMET 7.19.4 CURLINFO_CONNECT_TIME 7.4.1 CURLINFO_CONTENT_LENGTH_DOWNLOAD 7.6.1 CURLINFO_CONTENT_LENGTH_UPLOAD 7.6.1 CURLINFO_CONTENT_TYPE 7.9.4 CURLINFO_COOKIELIST 7.14.1 CURLINFO_DATA_IN 7.9.6 CURLINFO_DATA_OUT 7.9.6 CURLINFO_DOUBLE 7.4.1 CURLINFO_EFFECTIVE_URL 7.4 CURLINFO_END 7.9.6 CURLINFO_FILETIME 7.5 CURLINFO_FTP_ENTRY_PATH 7.15.4 CURLINFO_HEADER_IN 7.9.6 CURLINFO_HEADER_OUT 7.9.6 CURLINFO_HEADER_SIZE 7.4.1 CURLINFO_HTTPAUTH_AVAIL 7.10.8 CURLINFO_HTTP_CODE 7.4.1 7.10.8 CURLINFO_HTTP_CONNECTCODE 7.10.7 CURLINFO_HTTP_VERSION 7.50.0 CURLINFO_LASTONE 7.4.1 CURLINFO_LASTSOCKET 7.15.2 CURLINFO_LOCAL_IP 7.21.0 CURLINFO_LOCAL_PORT 7.21.0 CURLINFO_LONG 7.4.1 CURLINFO_MASK 7.4.1 CURLINFO_NAMELOOKUP_TIME 7.4.1 CURLINFO_NONE 7.4.1 CURLINFO_NUM_CONNECTS 7.12.3 CURLINFO_OS_ERRNO 7.12.2 CURLINFO_PRETRANSFER_TIME 7.4.1 CURLINFO_PRIMARY_IP 7.19.0 CURLINFO_PRIMARY_PORT 7.21.0 CURLINFO_PRIVATE 7.10.3 CURLINFO_PROTOCOL 7.52.0 CURLINFO_PROXYAUTH_AVAIL 7.10.8 CURLINFO_PROXY_SSL_VERIFYRESULT 7.52.0 CURLINFO_REDIRECT_COUNT 7.9.7 CURLINFO_REDIRECT_TIME 7.9.7 CURLINFO_REDIRECT_URL 7.18.2 CURLINFO_REQUEST_SIZE 7.4.1 CURLINFO_RESPONSE_CODE 7.10.8 CURLINFO_RTSP_CLIENT_CSEQ 7.20.0 CURLINFO_RTSP_CSEQ_RECV 7.20.0 CURLINFO_RTSP_SERVER_CSEQ 7.20.0 CURLINFO_RTSP_SESSION_ID 7.20.0 CURLINFO_SCHEME 7.52.0 CURLINFO_SIZE_DOWNLOAD 7.4.1 CURLINFO_SIZE_UPLOAD 7.4.1 CURLINFO_SLIST 7.12.3 CURLINFO_SOCKET 7.45.0 CURLINFO_SPEED_DOWNLOAD 7.4.1 CURLINFO_SPEED_UPLOAD 7.4.1 CURLINFO_SSL_DATA_IN 7.12.1 CURLINFO_SSL_DATA_OUT 7.12.1 CURLINFO_SSL_ENGINES 7.12.3 CURLINFO_SSL_VERIFYRESULT 7.5 CURLINFO_STARTTRANSFER_TIME 7.9.2 CURLINFO_STRING 7.4.1 CURLINFO_TEXT 7.9.6 CURLINFO_TLS_SESSION 7.34.0 7.48.0 CURLINFO_TLS_SSL_PTR 7.48.0 CURLINFO_TOTAL_TIME 7.4.1 CURLINFO_TYPEMASK 7.4.1 CURLIOCMD_NOP 7.12.3 CURLIOCMD_RESTARTREAD 7.12.3 CURLIOE_FAILRESTART 7.12.3 CURLIOE_OK 7.12.3 CURLIOE_UNKNOWNCMD 7.12.3 CURLKHMATCH_MISMATCH 7.19.6 CURLKHMATCH_MISSING 7.19.6 CURLKHMATCH_OK 7.19.6 CURLKHSTAT_DEFER 7.19.6 CURLKHSTAT_FINE 7.19.6 CURLKHSTAT_FINE_ADD_TO_FILE 7.19.6 CURLKHSTAT_REJECT 7.19.6 CURLKHTYPE_DSS 7.19.6 CURLKHTYPE_RSA 7.19.6 CURLKHTYPE_RSA1 7.19.6 CURLKHTYPE_UNKNOWN 7.19.6 CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE 7.30.0 CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE 7.30.0 CURLMOPT_MAXCONNECTS 7.16.3 CURLMOPT_MAX_HOST_CONNECTIONS 7.30.0 CURLMOPT_MAX_PIPELINE_LENGTH 7.30.0 CURLMOPT_MAX_TOTAL_CONNECTIONS 7.30.0 CURLMOPT_PIPELINING 7.16.0 CURLMOPT_PIPELINING_SERVER_BL 7.30.0 CURLMOPT_PIPELINING_SITE_BL 7.30.0 CURLMOPT_PUSHDATA 7.44.0 CURLMOPT_PUSHFUNCTION 7.44.0 CURLMOPT_SOCKETDATA 7.15.4 CURLMOPT_SOCKETFUNCTION 7.15.4 CURLMOPT_TIMERDATA 7.16.0 CURLMOPT_TIMERFUNCTION 7.16.0 CURLMSG_DONE 7.9.6 CURLMSG_NONE 7.9.6 CURLM_ADDED_ALREADY 7.32.1 CURLM_BAD_EASY_HANDLE 7.9.6 CURLM_BAD_HANDLE 7.9.6 CURLM_BAD_SOCKET 7.15.4 CURLM_CALL_MULTI_PERFORM 7.9.6 CURLM_CALL_MULTI_SOCKET 7.15.5 CURLM_INTERNAL_ERROR 7.9.6 CURLM_OK 7.9.6 CURLM_OUT_OF_MEMORY 7.9.6 CURLM_UNKNOWN_OPTION 7.15.4 CURLOPTTYPE_FUNCTIONPOINT 7.1 CURLOPTTYPE_LONG 7.1 CURLOPTTYPE_OBJECTPOINT 7.1 CURLOPTTYPE_OFF_T 7.11.0 CURLOPTTYPE_STRINGPOINT 7.46.0 CURLOPT_ABSTRACT_UNIX_SOCKET 7.53.0 CURLOPT_ACCEPTTIMEOUT_MS 7.24.0 CURLOPT_ACCEPT_ENCODING 7.21.6 CURLOPT_ADDRESS_SCOPE 7.19.0 CURLOPT_APPEND 7.17.0 CURLOPT_AUTOREFERER 7.1 CURLOPT_BUFFERSIZE 7.10 CURLOPT_CAINFO 7.4.2 CURLOPT_CAPATH 7.9.8 CURLOPT_CERTINFO 7.19.1 CURLOPT_CHUNK_BGN_FUNCTION 7.21.0 CURLOPT_CHUNK_DATA 7.21.0 CURLOPT_CHUNK_END_FUNCTION 7.21.0 CURLOPT_CLOSEFUNCTION 7.7 7.11.1 7.15.5 CURLOPT_CLOSEPOLICY 7.7 7.16.1 CURLOPT_CLOSESOCKETDATA 7.21.7 CURLOPT_CLOSESOCKETFUNCTION 7.21.7 CURLOPT_CONNECTTIMEOUT 7.7 CURLOPT_CONNECTTIMEOUT_MS 7.16.2 CURLOPT_CONNECT_ONLY 7.15.2 CURLOPT_CONNECT_TO 7.49.0 CURLOPT_CONV_FROM_NETWORK_FUNCTION 7.15.4 CURLOPT_CONV_FROM_UTF8_FUNCTION 7.15.4 CURLOPT_CONV_TO_NETWORK_FUNCTION 7.15.4 CURLOPT_COOKIE 7.1 CURLOPT_COOKIEFILE 7.1 CURLOPT_COOKIEJAR 7.9 CURLOPT_COOKIELIST 7.14.1 CURLOPT_COOKIESESSION 7.9.7 CURLOPT_COPYPOSTFIELDS 7.17.1 CURLOPT_CRLF 7.1 CURLOPT_CRLFILE 7.19.0 CURLOPT_CUSTOMREQUEST 7.1 CURLOPT_DEBUGDATA 7.9.6 CURLOPT_DEBUGFUNCTION 7.9.6 CURLOPT_DEFAULT_PROTOCOL 7.45.0 CURLOPT_DIRLISTONLY 7.17.0 CURLOPT_DNS_CACHE_TIMEOUT 7.9.3 CURLOPT_DNS_INTERFACE 7.33.0 CURLOPT_DNS_LOCAL_IP4 7.33.0 CURLOPT_DNS_LOCAL_IP6 7.33.0 CURLOPT_DNS_SERVERS 7.24.0 CURLOPT_DNS_USE_GLOBAL_CACHE 7.9.3 7.11.1 CURLOPT_EGDSOCKET 7.7 CURLOPT_ENCODING 7.10 CURLOPT_ERRORBUFFER 7.1 CURLOPT_EXPECT_100_TIMEOUT_MS 7.36.0 CURLOPT_FAILONERROR 7.1 CURLOPT_FILE 7.1 7.9.7 CURLOPT_FILETIME 7.5 CURLOPT_FNMATCH_DATA 7.21.0 CURLOPT_FNMATCH_FUNCTION 7.21.0 CURLOPT_FOLLOWLOCATION 7.1 CURLOPT_FORBID_REUSE 7.7 CURLOPT_FRESH_CONNECT 7.7 CURLOPT_FTPAPPEND 7.1 7.16.4 CURLOPT_FTPASCII 7.1 7.11.1 7.15.5 CURLOPT_FTPLISTONLY 7.1 7.16.4 CURLOPT_FTPPORT 7.1 CURLOPT_FTPSSLAUTH 7.12.2 CURLOPT_FTP_ACCOUNT 7.13.0 CURLOPT_FTP_ALTERNATIVE_TO_USER 7.15.5 CURLOPT_FTP_CREATE_MISSING_DIRS 7.10.7 CURLOPT_FTP_FILEMETHOD 7.15.1 CURLOPT_FTP_RESPONSE_TIMEOUT 7.10.8 CURLOPT_FTP_SKIP_PASV_IP 7.15.0 CURLOPT_FTP_SSL 7.11.0 7.16.4 CURLOPT_FTP_SSL_CCC 7.16.1 CURLOPT_FTP_USE_EPRT 7.10.5 CURLOPT_FTP_USE_EPSV 7.9.2 CURLOPT_FTP_USE_PRET 7.20.0 CURLOPT_GSSAPI_DELEGATION 7.22.0 CURLOPT_HEADER 7.1 CURLOPT_HEADERDATA 7.10 CURLOPT_HEADERFUNCTION 7.7.2 CURLOPT_HEADEROPT 7.37.0 CURLOPT_HTTP200ALIASES 7.10.3 CURLOPT_HTTPAUTH 7.10.6 CURLOPT_HTTPGET 7.8.1 CURLOPT_HTTPHEADER 7.1 CURLOPT_HTTPPOST 7.1 CURLOPT_HTTPPROXYTUNNEL 7.3 CURLOPT_HTTPREQUEST 7.1 - 7.15.5 CURLOPT_HTTP_CONTENT_DECODING 7.16.2 CURLOPT_HTTP_TRANSFER_DECODING 7.16.2 CURLOPT_HTTP_VERSION 7.9.1 CURLOPT_IGNORE_CONTENT_LENGTH 7.14.1 CURLOPT_INFILE 7.1 7.9.7 CURLOPT_INFILESIZE 7.1 CURLOPT_INFILESIZE_LARGE 7.11.0 CURLOPT_INTERFACE 7.3 CURLOPT_INTERLEAVEDATA 7.20.0 CURLOPT_INTERLEAVEFUNCTION 7.20.0 CURLOPT_IOCTLDATA 7.12.3 CURLOPT_IOCTLFUNCTION 7.12.3 CURLOPT_IPRESOLVE 7.10.8 CURLOPT_ISSUERCERT 7.19.0 CURLOPT_KEYPASSWD 7.17.0 CURLOPT_KEEP_SENDING_ON_ERROR 7.51.0 CURLOPT_KRB4LEVEL 7.3 7.17.0 CURLOPT_KRBLEVEL 7.16.4 CURLOPT_LOCALPORT 7.15.2 CURLOPT_LOCALPORTRANGE 7.15.2 CURLOPT_LOGIN_OPTIONS 7.34.0 CURLOPT_LOW_SPEED_LIMIT 7.1 CURLOPT_LOW_SPEED_TIME 7.1 CURLOPT_MAIL_AUTH 7.25.0 CURLOPT_MAIL_FROM 7.20.0 CURLOPT_MAIL_RCPT 7.20.0 CURLOPT_MAXCONNECTS 7.7 CURLOPT_MAXFILESIZE 7.10.8 CURLOPT_MAXFILESIZE_LARGE 7.11.0 CURLOPT_MAXREDIRS 7.5 CURLOPT_MAX_RECV_SPEED_LARGE 7.15.5 CURLOPT_MAX_SEND_SPEED_LARGE 7.15.5 CURLOPT_MUTE 7.1 7.8 7.15.5 CURLOPT_NETRC 7.1 CURLOPT_NETRC_FILE 7.11.0 CURLOPT_NEW_DIRECTORY_PERMS 7.16.4 CURLOPT_NEW_FILE_PERMS 7.16.4 CURLOPT_NOBODY 7.1 CURLOPT_NOPROGRESS 7.1 CURLOPT_NOPROXY 7.19.4 CURLOPT_NOSIGNAL 7.10 CURLOPT_NOTHING 7.1.1 7.11.1 7.11.0 CURLOPT_OPENSOCKETDATA 7.17.1 CURLOPT_OPENSOCKETFUNCTION 7.17.1 CURLOPT_PASSWDDATA 7.4.2 7.11.1 7.15.5 CURLOPT_PASSWDFUNCTION 7.4.2 7.11.1 7.15.5 CURLOPT_PASSWORD 7.19.1 CURLOPT_PASV_HOST 7.12.1 7.16.0 7.15.5 CURLOPT_PATH_AS_IS 7.42.0 CURLOPT_PINNEDPUBLICKEY 7.39.0 CURLOPT_PIPEWAIT 7.43.0 CURLOPT_PORT 7.1 CURLOPT_POST 7.1 CURLOPT_POST301 7.17.1 7.19.1 CURLOPT_POSTFIELDS 7.1 CURLOPT_POSTFIELDSIZE 7.2 CURLOPT_POSTFIELDSIZE_LARGE 7.11.1 CURLOPT_POSTQUOTE 7.1 CURLOPT_POSTREDIR 7.19.1 CURLOPT_PREQUOTE 7.9.5 CURLOPT_PRE_PROXY 7.52.0 CURLOPT_PRIVATE 7.10.3 CURLOPT_PROGRESSDATA 7.1 CURLOPT_PROGRESSFUNCTION 7.1 7.32.0 CURLOPT_PROTOCOLS 7.19.4 CURLOPT_PROXY 7.1 CURLOPT_PROXYAUTH 7.10.7 CURLOPT_PROXYHEADER 7.37.0 CURLOPT_PROXYPASSWORD 7.19.1 CURLOPT_PROXYPORT 7.1 CURLOPT_PROXYTYPE 7.10 CURLOPT_PROXYUSERNAME 7.19.1 CURLOPT_PROXYUSERPWD 7.1 CURLOPT_PROXY_CAINFO 7.52.0 CURLOPT_PROXY_CAPATH 7.52.0 CURLOPT_PROXY_CRLFILE 7.52.0 CURLOPT_PROXY_KEYPASSWD 7.52.0 CURLOPT_PROXY_PINNEDPUBLICKEY 7.52.0 CURLOPT_PROXY_SERVICE_NAME 7.43.0 CURLOPT_PROXY_SSLCERT 7.52.0 CURLOPT_PROXY_SSLCERTTYPE 7.52.0 CURLOPT_PROXY_SSLKEY 7.52.0 CURLOPT_PROXY_SSLKEYTYPE 7.52.0 CURLOPT_PROXY_SSLVERSION 7.52.0 CURLOPT_PROXY_SSL_CIPHER_LIST 7.52.0 CURLOPT_PROXY_SSL_OPTIONS 7.52.0 CURLOPT_PROXY_SSL_VERIFYHOST 7.52.0 CURLOPT_PROXY_SSL_VERIFYPEER 7.52.0 CURLOPT_PROXY_TLSAUTH_PASSWORD 7.52.0 CURLOPT_PROXY_TLSAUTH_TYPE 7.52.0 CURLOPT_PROXY_TLSAUTH_USERNAME 7.52.0 CURLOPT_PROXY_TRANSFER_MODE 7.18.0 CURLOPT_PUT 7.1 CURLOPT_QUOTE 7.1 CURLOPT_RANDOM_FILE 7.7 CURLOPT_RANGE 7.1 CURLOPT_READDATA 7.9.7 CURLOPT_READFUNCTION 7.1 CURLOPT_REDIR_PROTOCOLS 7.19.4 CURLOPT_REFERER 7.1 CURLOPT_RESOLVE 7.21.3 CURLOPT_RESUME_FROM 7.1 CURLOPT_RESUME_FROM_LARGE 7.11.0 CURLOPT_RTSPHEADER 7.20.0 CURLOPT_RTSP_CLIENT_CSEQ 7.20.0 CURLOPT_RTSP_REQUEST 7.20.0 CURLOPT_RTSP_SERVER_CSEQ 7.20.0 CURLOPT_RTSP_SESSION_ID 7.20.0 CURLOPT_RTSP_STREAM_URI 7.20.0 CURLOPT_RTSP_TRANSPORT 7.20.0 CURLOPT_SASL_IR 7.31.0 CURLOPT_SEEKDATA 7.18.0 CURLOPT_SEEKFUNCTION 7.18.0 CURLOPT_SERVER_RESPONSE_TIMEOUT 7.20.0 CURLOPT_SERVICE_NAME 7.43.0 CURLOPT_SHARE 7.10 CURLOPT_SOCKOPTDATA 7.16.0 CURLOPT_SOCKOPTFUNCTION 7.16.0 CURLOPT_SOCKS5_GSSAPI_NEC 7.19.4 CURLOPT_SOCKS5_GSSAPI_SERVICE 7.19.4 7.49.0 CURLOPT_SOURCE_HOST 7.12.1 - 7.15.5 CURLOPT_SOURCE_PATH 7.12.1 - 7.15.5 CURLOPT_SOURCE_PORT 7.12.1 - 7.15.5 CURLOPT_SOURCE_POSTQUOTE 7.12.1 - 7.15.5 CURLOPT_SOURCE_PREQUOTE 7.12.1 - 7.15.5 CURLOPT_SOURCE_QUOTE 7.13.0 - 7.15.5 CURLOPT_SOURCE_URL 7.13.0 - 7.15.5 CURLOPT_SOURCE_USERPWD 7.12.1 - 7.15.5 CURLOPT_SSH_AUTH_TYPES 7.16.1 CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 7.17.1 CURLOPT_SSH_KEYDATA 7.19.6 CURLOPT_SSH_KEYFUNCTION 7.19.6 CURLOPT_SSH_KNOWNHOSTS 7.19.6 CURLOPT_SSH_PRIVATE_KEYFILE 7.16.1 CURLOPT_SSH_PUBLIC_KEYFILE 7.16.1 CURLOPT_SSLCERT 7.1 CURLOPT_SSLCERTPASSWD 7.1.1 7.17.0 CURLOPT_SSLCERTTYPE 7.9.3 CURLOPT_SSLENGINE 7.9.3 CURLOPT_SSLENGINE_DEFAULT 7.9.3 CURLOPT_SSLKEY 7.9.3 CURLOPT_SSLKEYPASSWD 7.9.3 7.17.0 CURLOPT_SSLKEYTYPE 7.9.3 CURLOPT_SSLVERSION 7.1 CURLOPT_SSL_CIPHER_LIST 7.9 CURLOPT_SSL_CTX_DATA 7.10.6 CURLOPT_SSL_CTX_FUNCTION 7.10.6 CURLOPT_SSL_ENABLE_ALPN 7.36.0 CURLOPT_SSL_ENABLE_NPN 7.36.0 CURLOPT_SSL_FALSESTART 7.42.0 CURLOPT_SSL_OPTIONS 7.25.0 CURLOPT_SSL_SESSIONID_CACHE 7.16.0 CURLOPT_SSL_VERIFYHOST 7.8.1 CURLOPT_SSL_VERIFYPEER 7.4.2 CURLOPT_SSL_VERIFYSTATUS 7.41.0 CURLOPT_STDERR 7.1 CURLOPT_STREAM_DEPENDS 7.46.0 CURLOPT_STREAM_DEPENDS_E 7.46.0 CURLOPT_STREAM_WEIGHT 7.46.0 CURLOPT_TCP_KEEPALIVE 7.25.0 CURLOPT_TCP_KEEPIDLE 7.25.0 CURLOPT_TCP_KEEPINTVL 7.25.0 CURLOPT_TCP_NODELAY 7.11.2 CURLOPT_TCP_FASTOPEN 7.49.0 CURLOPT_TELNETOPTIONS 7.7 CURLOPT_TFTP_BLKSIZE 7.19.4 CURLOPT_TFTP_NO_OPTIONS 7.48.0 CURLOPT_TIMECONDITION 7.1 CURLOPT_TIMEOUT 7.1 CURLOPT_TIMEOUT_MS 7.16.2 CURLOPT_TIMEVALUE 7.1 CURLOPT_TLSAUTH_PASSWORD 7.21.4 CURLOPT_TLSAUTH_TYPE 7.21.4 CURLOPT_TLSAUTH_USERNAME 7.21.4 CURLOPT_TRANSFERTEXT 7.1.1 CURLOPT_TRANSFER_ENCODING 7.21.6 CURLOPT_UNIX_SOCKET_PATH 7.40.0 CURLOPT_UNRESTRICTED_AUTH 7.10.4 CURLOPT_UPLOAD 7.1 CURLOPT_URL 7.1 CURLOPT_USERAGENT 7.1 CURLOPT_USERNAME 7.19.1 CURLOPT_USERPWD 7.1 CURLOPT_USE_SSL 7.17.0 CURLOPT_VERBOSE 7.1 CURLOPT_WILDCARDMATCH 7.21.0 CURLOPT_WRITEDATA 7.9.7 CURLOPT_WRITEFUNCTION 7.1 CURLOPT_WRITEHEADER 7.1 CURLOPT_WRITEINFO 7.1 CURLOPT_XFERINFODATA 7.32.0 CURLOPT_XFERINFOFUNCTION 7.32.0 CURLOPT_XOAUTH2_BEARER 7.33.0 CURLPAUSE_ALL 7.18.0 CURLPAUSE_CONT 7.18.0 CURLPAUSE_RECV 7.18.0 CURLPAUSE_RECV_CONT 7.18.0 CURLPAUSE_SEND 7.18.0 CURLPAUSE_SEND_CONT 7.18.0 CURLPIPE_HTTP1 7.43.0 CURLPIPE_MULTIPLEX 7.43.0 CURLPIPE_NOTHING 7.43.0 CURLPROTO_ALL 7.19.4 CURLPROTO_DICT 7.19.4 CURLPROTO_FILE 7.19.4 CURLPROTO_FTP 7.19.4 CURLPROTO_FTPS 7.19.4 CURLPROTO_GOPHER 7.21.2 CURLPROTO_HTTP 7.19.4 CURLPROTO_HTTPS 7.19.4 CURLPROTO_IMAP 7.20.0 CURLPROTO_IMAPS 7.20.0 CURLPROTO_LDAP 7.19.4 CURLPROTO_LDAPS 7.19.4 CURLPROTO_POP3 7.20.0 CURLPROTO_POP3S 7.20.0 CURLPROTO_RTMP 7.21.0 CURLPROTO_RTMPE 7.21.0 CURLPROTO_RTMPS 7.21.0 CURLPROTO_RTMPT 7.21.0 CURLPROTO_RTMPTE 7.21.0 CURLPROTO_RTMPTS 7.21.0 CURLPROTO_RTSP 7.20.0 CURLPROTO_SCP 7.19.4 CURLPROTO_SFTP 7.19.4 CURLPROTO_SMB 7.40.0 CURLPROTO_SMBS 7.40.0 CURLPROTO_SMTP 7.20.0 CURLPROTO_SMTPS 7.20.0 CURLPROTO_TELNET 7.19.4 CURLPROTO_TFTP 7.19.4 CURLPROXY_HTTP 7.10 CURLPROXY_HTTP_1_0 7.19.4 CURLPROXY_HTTPS 7.52.0 CURLPROXY_SOCKS4 7.10 CURLPROXY_SOCKS4A 7.18.0 CURLPROXY_SOCKS5 7.10 CURLPROXY_SOCKS5_HOSTNAME 7.18.0 CURLSHE_BAD_OPTION 7.10.3 CURLSHE_INVALID 7.10.3 CURLSHE_IN_USE 7.10.3 CURLSHE_NOMEM 7.12.0 CURLSHE_NOT_BUILT_IN 7.23.0 CURLSHE_OK 7.10.3 CURLSHOPT_LOCKFUNC 7.10.3 CURLSHOPT_NONE 7.10.3 CURLSHOPT_SHARE 7.10.3 CURLSHOPT_UNLOCKFUNC 7.10.3 CURLSHOPT_UNSHARE 7.10.3 CURLSHOPT_USERDATA 7.10.3 CURLSOCKTYPE_ACCEPT 7.28.0 CURLSOCKTYPE_IPCXN 7.16.0 CURLSSH_AUTH_AGENT 7.28.0 CURLSSH_AUTH_ANY 7.16.1 CURLSSH_AUTH_DEFAULT 7.16.1 CURLSSH_AUTH_HOST 7.16.1 CURLSSH_AUTH_KEYBOARD 7.16.1 CURLSSH_AUTH_NONE 7.16.1 CURLSSH_AUTH_PASSWORD 7.16.1 CURLSSH_AUTH_PUBLICKEY 7.16.1 CURLSSLBACKEND_AXTLS 7.38.0 CURLSSLBACKEND_BORINGSSL 7.49.0 CURLSSLBACKEND_CYASSL 7.34.0 CURLSSLBACKEND_DARWINSSL 7.34.0 CURLSSLBACKEND_GNUTLS 7.34.0 CURLSSLBACKEND_GSKIT 7.34.0 CURLSSLBACKEND_LIBRESSL 7.49.0 CURLSSLBACKEND_MBEDTLS 7.46.0 CURLSSLBACKEND_NONE 7.34.0 CURLSSLBACKEND_NSS 7.34.0 CURLSSLBACKEND_OPENSSL 7.34.0 CURLSSLBACKEND_POLARSSL 7.34.0 CURLSSLBACKEND_QSOSSL 7.34.0 - 7.38.1 CURLSSLBACKEND_SCHANNEL 7.34.0 CURLSSLBACKEND_WOLFSSL 7.49.0 CURLSSLOPT_ALLOW_BEAST 7.25.0 CURLSSLOPT_NO_REVOKE 7.44.0 CURLUSESSL_ALL 7.17.0 CURLUSESSL_CONTROL 7.17.0 CURLUSESSL_NONE 7.17.0 CURLUSESSL_TRY 7.17.0 CURLVERSION_FIRST 7.10 CURLVERSION_FOURTH 7.16.1 CURLVERSION_NOW 7.10 CURLVERSION_SECOND 7.11.1 CURLVERSION_THIRD 7.12.0 CURL_CHUNK_BGN_FUNC_FAIL 7.21.0 CURL_CHUNK_BGN_FUNC_OK 7.21.0 CURL_CHUNK_BGN_FUNC_SKIP 7.21.0 CURL_CHUNK_END_FUNC_FAIL 7.21.0 CURL_CHUNK_END_FUNC_OK 7.21.0 CURL_CSELECT_ERR 7.16.3 CURL_CSELECT_IN 7.16.3 CURL_CSELECT_OUT 7.16.3 CURL_DID_MEMORY_FUNC_TYPEDEFS 7.49.0 CURL_EASY_NONE 7.14.0 - 7.15.4 CURL_EASY_TIMEOUT 7.14.0 - 7.15.4 CURL_ERROR_SIZE 7.1 CURL_FNMATCHFUNC_FAIL 7.21.0 CURL_FNMATCHFUNC_MATCH 7.21.0 CURL_FNMATCHFUNC_NOMATCH 7.21.0 CURL_FORMADD_DISABLED 7.12.1 CURL_FORMADD_ILLEGAL_ARRAY 7.9.8 CURL_FORMADD_INCOMPLETE 7.9.8 CURL_FORMADD_MEMORY 7.9.8 CURL_FORMADD_NULL 7.9.8 CURL_FORMADD_OK 7.9.8 CURL_FORMADD_OPTION_TWICE 7.9.8 CURL_FORMADD_UNKNOWN_OPTION 7.9.8 CURL_GLOBAL_ACK_EINTR 7.30.0 CURL_GLOBAL_ALL 7.8 CURL_GLOBAL_DEFAULT 7.8 CURL_GLOBAL_NOTHING 7.8 CURL_GLOBAL_SSL 7.8 CURL_GLOBAL_WIN32 7.8.1 CURL_HTTPPOST_BUFFER 7.46.0 CURL_HTTPPOST_CALLBACK 7.46.0 CURL_HTTPPOST_FILENAME 7.46.0 CURL_HTTPPOST_LARGE 7.46.0 CURL_HTTPPOST_PTRBUFFER 7.46.0 CURL_HTTPPOST_PTRCONTENTS 7.46.0 CURL_HTTPPOST_PTRNAME 7.46.0 CURL_HTTPPOST_READFILE 7.46.0 CURL_HTTP_VERSION_1_0 7.9.1 CURL_HTTP_VERSION_1_1 7.9.1 CURL_HTTP_VERSION_2 7.43.0 CURL_HTTP_VERSION_2_0 7.33.0 CURL_HTTP_VERSION_2TLS 7.47.0 CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE 7.49.0 CURL_HTTP_VERSION_NONE 7.9.1 CURL_IPRESOLVE_V4 7.10.8 CURL_IPRESOLVE_V6 7.10.8 CURL_IPRESOLVE_WHATEVER 7.10.8 CURL_LOCK_ACCESS_NONE 7.10.3 CURL_LOCK_ACCESS_SHARED 7.10.3 CURL_LOCK_ACCESS_SINGLE 7.10.3 CURL_LOCK_DATA_CONNECT 7.10.3 CURL_LOCK_DATA_COOKIE 7.10.3 CURL_LOCK_DATA_DNS 7.10.3 CURL_LOCK_DATA_NONE 7.10.3 CURL_LOCK_DATA_SHARE 7.10.4 CURL_LOCK_DATA_SSL_SESSION 7.10.3 CURL_LOCK_TYPE_CONNECT 7.10 - 7.10.2 CURL_LOCK_TYPE_COOKIE 7.10 - 7.10.2 CURL_LOCK_TYPE_DNS 7.10 - 7.10.2 CURL_LOCK_TYPE_NONE 7.10 - 7.10.2 CURL_LOCK_TYPE_SSL_SESSION 7.10 - 7.10.2 CURL_MAX_HTTP_HEADER 7.19.7 CURL_MAX_READ_SIZE 7.53.0 CURL_MAX_WRITE_SIZE 7.9.7 CURL_NETRC_IGNORED 7.9.8 CURL_NETRC_OPTIONAL 7.9.8 CURL_NETRC_REQUIRED 7.9.8 CURL_POLL_IN 7.14.0 CURL_POLL_INOUT 7.14.0 CURL_POLL_NONE 7.14.0 CURL_POLL_OUT 7.14.0 CURL_POLL_REMOVE 7.14.0 CURL_PROGRESS_BAR 7.1.1 - 7.4.1 CURL_PROGRESS_STATS 7.1.1 - 7.4.1 CURL_PUSH_DENY 7.44.0 CURL_PUSH_OK 7.44.0 CURL_READFUNC_ABORT 7.12.1 CURL_READFUNC_PAUSE 7.18.0 CURL_REDIR_GET_ALL 7.19.1 CURL_REDIR_POST_301 7.19.1 CURL_REDIR_POST_302 7.19.1 CURL_REDIR_POST_303 7.25.1 CURL_REDIR_POST_ALL 7.19.1 CURL_RTSPREQ_ANNOUNCE 7.20.0 CURL_RTSPREQ_DESCRIBE 7.20.0 CURL_RTSPREQ_GET_PARAMETER 7.20.0 CURL_RTSPREQ_NONE 7.20.0 CURL_RTSPREQ_OPTIONS 7.20.0 CURL_RTSPREQ_PAUSE 7.20.0 CURL_RTSPREQ_PLAY 7.20.0 CURL_RTSPREQ_RECEIVE 7.20.0 CURL_RTSPREQ_RECORD 7.20.0 CURL_RTSPREQ_SETUP 7.20.0 CURL_RTSPREQ_SET_PARAMETER 7.20.0 CURL_RTSPREQ_TEARDOWN 7.20.0 CURL_SEEKFUNC_CANTSEEK 7.19.5 CURL_SEEKFUNC_FAIL 7.19.5 CURL_SEEKFUNC_OK 7.19.5 CURL_SOCKET_BAD 7.14.0 CURL_SOCKET_TIMEOUT 7.14.0 CURL_SOCKOPT_ALREADY_CONNECTED 7.21.5 CURL_SOCKOPT_ERROR 7.21.5 CURL_SOCKOPT_OK 7.21.5 CURL_STRICTER 7.50.2 CURL_SSLVERSION_DEFAULT 7.9.2 CURL_SSLVERSION_SSLv2 7.9.2 CURL_SSLVERSION_SSLv3 7.9.2 CURL_SSLVERSION_TLSv1 7.9.2 CURL_SSLVERSION_TLSv1_0 7.34.0 CURL_SSLVERSION_TLSv1_1 7.34.0 CURL_SSLVERSION_TLSv1_2 7.34.0 CURL_SSLVERSION_TLSv1_3 7.52.0 CURL_TIMECOND_IFMODSINCE 7.9.7 CURL_TIMECOND_IFUNMODSINCE 7.9.7 CURL_TIMECOND_LASTMOD 7.9.7 CURL_TIMECOND_NONE 7.9.7 CURL_TLSAUTH_NONE 7.21.4 CURL_TLSAUTH_SRP 7.21.4 CURL_VERSION_ASYNCHDNS 7.10.7 CURL_VERSION_CONV 7.15.4 CURL_VERSION_CURLDEBUG 7.19.6 CURL_VERSION_DEBUG 7.10.6 CURL_VERSION_GSSAPI 7.38.0 CURL_VERSION_GSSNEGOTIATE 7.10.6 7.38.0 CURL_VERSION_HTTP2 7.33.0 CURL_VERSION_HTTPS_PROXY 7.52.0 CURL_VERSION_IDN 7.12.0 CURL_VERSION_IPV6 7.10 CURL_VERSION_KERBEROS4 7.10 7.33.0 CURL_VERSION_KERBEROS5 7.40.0 CURL_VERSION_LARGEFILE 7.11.1 CURL_VERSION_LIBZ 7.10 CURL_VERSION_NTLM 7.10.6 CURL_VERSION_NTLM_WB 7.22.0 CURL_VERSION_PSL 7.47.0 CURL_VERSION_SPNEGO 7.10.8 CURL_VERSION_SSL 7.10 CURL_VERSION_SSPI 7.13.2 CURL_VERSION_TLSAUTH_SRP 7.21.4 CURL_VERSION_UNIX_SOCKETS 7.40.0 CURL_WAIT_POLLIN 7.28.0 CURL_WAIT_POLLOUT 7.28.0 CURL_WAIT_POLLPRI 7.28.0 CURL_WRITEFUNC_PAUSE 7.18.0 |
Added scriptlibs/softwareupdate/curl/include/curl/curl.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 1821 1822 1823 1824 1825 1826 1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 2047 2048 2049 2050 2051 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 2062 2063 2064 2065 2066 2067 2068 2069 2070 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 2086 2087 2088 2089 2090 2091 2092 2093 2094 2095 2096 2097 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 2150 2151 2152 2153 2154 2155 2156 2157 2158 2159 2160 2161 2162 2163 2164 2165 2166 2167 2168 2169 2170 2171 2172 2173 2174 2175 2176 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 2191 2192 2193 2194 2195 2196 2197 2198 2199 2200 2201 2202 2203 2204 2205 2206 2207 2208 2209 2210 2211 2212 2213 2214 2215 2216 2217 2218 2219 2220 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 2260 2261 2262 2263 2264 2265 2266 2267 2268 2269 2270 2271 2272 2273 2274 2275 2276 2277 2278 2279 2280 2281 2282 2283 2284 2285 2286 2287 2288 2289 2290 2291 2292 2293 2294 2295 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 2310 2311 2312 2313 2314 2315 2316 2317 2318 2319 2320 2321 2322 2323 2324 2325 2326 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 2362 2363 2364 2365 2366 2367 2368 2369 2370 2371 2372 2373 2374 2375 2376 2377 2378 2379 2380 2381 2382 2383 2384 2385 2386 2387 2388 2389 2390 2391 2392 2393 2394 2395 2396 2397 2398 2399 2400 2401 2402 2403 2404 2405 2406 2407 2408 2409 2410 2411 2412 2413 2414 2415 2416 2417 2418 2419 2420 2421 2422 2423 2424 2425 2426 2427 2428 2429 2430 2431 2432 2433 2434 2435 2436 2437 2438 2439 2440 2441 2442 2443 2444 2445 2446 2447 2448 2449 2450 2451 2452 2453 2454 2455 2456 2457 2458 2459 2460 2461 2462 2463 2464 2465 2466 2467 2468 2469 2470 2471 2472 2473 2474 2475 2476 2477 2478 2479 2480 2481 2482 2483 2484 2485 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2497 2498 2499 2500 2501 2502 2503 2504 2505 2506 2507 2508 2509 2510 2511 2512 2513 2514 2515 2516 2517 2518 2519 2520 2521 2522 2523 2524 2525 2526 2527 2528 2529 2530 2531 2532 2533 2534 2535 2536 | #ifndef __CURL_CURL_H #define __CURL_CURL_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ /* * If you have libcurl problems, all docs and details are found here: * https://curl.haxx.se/libcurl/ * * curl-library mailing list subscription and unsubscription web interface: * https://cool.haxx.se/mailman/listinfo/curl-library/ */ #ifdef CURL_NO_OLDIES #define CURL_STRICTER #endif #include "curlver.h" /* libcurl version defines */ #include "curlbuild.h" /* libcurl build definitions */ #include "curlrules.h" /* libcurl rules enforcement */ /* * Define WIN32 when build target is Win32 API */ #if (defined(_WIN32) || defined(__WIN32__)) && \ !defined(WIN32) && !defined(__SYMBIAN32__) #define WIN32 #endif #include <stdio.h> #include <limits.h> #if defined(__FreeBSD__) && (__FreeBSD__ >= 2) /* Needed for __FreeBSD_version symbol definition */ #include <osreldate.h> #endif /* The include stuff here below is mainly for time_t! */ #include <sys/types.h> #include <time.h> #if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__CYGWIN__) #if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H) || \ defined(__LWIP_OPT_H__) || defined(LWIP_HDR_OPT_H)) /* The check above prevents the winsock2 inclusion if winsock.h already was included, since they can't co-exist without problems */ #include <winsock2.h> #include <ws2tcpip.h> #endif #endif /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish libc5-based Linux systems. Only include it on systems that are known to require it! */ #if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || \ defined(__minix) || defined(__SYMBIAN32__) || defined(__INTEGRITY) || \ defined(ANDROID) || defined(__ANDROID__) || defined(__OpenBSD__) || \ (defined(__FreeBSD_version) && (__FreeBSD_version < 800000)) #include <sys/select.h> #endif #if !defined(WIN32) && !defined(_WIN32_WCE) #include <sys/socket.h> #endif #if !defined(WIN32) && !defined(__WATCOMC__) && !defined(__VXWORKS__) #include <sys/time.h> #endif #ifdef __BEOS__ #include <support/SupportDefs.h> #endif #ifdef __cplusplus extern "C" { #endif #if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER) typedef struct Curl_easy CURL; typedef struct Curl_share CURLSH; #else typedef void CURL; typedef void CURLSH; #endif /* * libcurl external API function linkage decorations. */ #ifdef CURL_STATICLIB # define CURL_EXTERN #elif defined(WIN32) || defined(_WIN32) || defined(__SYMBIAN32__) # if defined(BUILDING_LIBCURL) # define CURL_EXTERN __declspec(dllexport) # else # define CURL_EXTERN __declspec(dllimport) # endif #elif defined(BUILDING_LIBCURL) && defined(CURL_HIDDEN_SYMBOLS) # define CURL_EXTERN CURL_EXTERN_SYMBOL #else # define CURL_EXTERN #endif #ifndef curl_socket_typedef /* socket typedef */ #if defined(WIN32) && !defined(__LWIP_OPT_H__) && !defined(LWIP_HDR_OPT_H) typedef SOCKET curl_socket_t; #define CURL_SOCKET_BAD INVALID_SOCKET #else typedef int curl_socket_t; #define CURL_SOCKET_BAD -1 #endif #define curl_socket_typedef #endif /* curl_socket_typedef */ struct curl_httppost { struct curl_httppost *next; /* next entry in the list */ char *name; /* pointer to allocated name */ long namelength; /* length of name length */ char *contents; /* pointer to allocated data contents */ long contentslength; /* length of contents field, see also CURL_HTTPPOST_LARGE */ char *buffer; /* pointer to allocated buffer contents */ long bufferlength; /* length of buffer field */ char *contenttype; /* Content-Type */ struct curl_slist *contentheader; /* list of extra headers for this form */ struct curl_httppost *more; /* if one field name has more than one file, this link should link to following files */ long flags; /* as defined below */ /* specified content is a file name */ #define CURL_HTTPPOST_FILENAME (1<<0) /* specified content is a file name */ #define CURL_HTTPPOST_READFILE (1<<1) /* name is only stored pointer do not free in formfree */ #define CURL_HTTPPOST_PTRNAME (1<<2) /* contents is only stored pointer do not free in formfree */ #define CURL_HTTPPOST_PTRCONTENTS (1<<3) /* upload file from buffer */ #define CURL_HTTPPOST_BUFFER (1<<4) /* upload file from pointer contents */ #define CURL_HTTPPOST_PTRBUFFER (1<<5) /* upload file contents by using the regular read callback to get the data and pass the given pointer as custom pointer */ #define CURL_HTTPPOST_CALLBACK (1<<6) /* use size in 'contentlen', added in 7.46.0 */ #define CURL_HTTPPOST_LARGE (1<<7) char *showfilename; /* The file name to show. If not set, the actual file name will be used (if this is a file part) */ void *userp; /* custom pointer used for HTTPPOST_CALLBACK posts */ curl_off_t contentlen; /* alternative length of contents field. Used if CURL_HTTPPOST_LARGE is set. Added in 7.46.0 */ }; /* This is the CURLOPT_PROGRESSFUNCTION callback proto. It is now considered deprecated but was the only choice up until 7.31.0 */ typedef int (*curl_progress_callback)(void *clientp, double dltotal, double dlnow, double ultotal, double ulnow); /* This is the CURLOPT_XFERINFOFUNCTION callback proto. It was introduced in 7.32.0, it avoids floating point and provides more detailed information. */ typedef int (*curl_xferinfo_callback)(void *clientp, curl_off_t dltotal, curl_off_t dlnow, curl_off_t ultotal, curl_off_t ulnow); #ifndef CURL_MAX_READ_SIZE /* The maximum receive buffer size configurable via CURLOPT_BUFFERSIZE. */ #define CURL_MAX_READ_SIZE 524288 #endif #ifndef CURL_MAX_WRITE_SIZE /* Tests have proven that 20K is a very bad buffer size for uploads on Windows, while 16K for some odd reason performed a lot better. We do the ifndef check to allow this value to easier be changed at build time for those who feel adventurous. The practical minimum is about 400 bytes since libcurl uses a buffer of this size as a scratch area (unrelated to network send operations). */ #define CURL_MAX_WRITE_SIZE 16384 #endif #ifndef CURL_MAX_HTTP_HEADER /* The only reason to have a max limit for this is to avoid the risk of a bad server feeding libcurl with a never-ending header that will cause reallocs infinitely */ #define CURL_MAX_HTTP_HEADER (100*1024) #endif /* This is a magic return code for the write callback that, when returned, will signal libcurl to pause receiving on the current transfer. */ #define CURL_WRITEFUNC_PAUSE 0x10000001 typedef size_t (*curl_write_callback)(char *buffer, size_t size, size_t nitems, void *outstream); /* enumeration of file types */ typedef enum { CURLFILETYPE_FILE = 0, CURLFILETYPE_DIRECTORY, CURLFILETYPE_SYMLINK, CURLFILETYPE_DEVICE_BLOCK, CURLFILETYPE_DEVICE_CHAR, CURLFILETYPE_NAMEDPIPE, CURLFILETYPE_SOCKET, CURLFILETYPE_DOOR, /* is possible only on Sun Solaris now */ CURLFILETYPE_UNKNOWN /* should never occur */ } curlfiletype; #define CURLFINFOFLAG_KNOWN_FILENAME (1<<0) #define CURLFINFOFLAG_KNOWN_FILETYPE (1<<1) #define CURLFINFOFLAG_KNOWN_TIME (1<<2) #define CURLFINFOFLAG_KNOWN_PERM (1<<3) #define CURLFINFOFLAG_KNOWN_UID (1<<4) #define CURLFINFOFLAG_KNOWN_GID (1<<5) #define CURLFINFOFLAG_KNOWN_SIZE (1<<6) #define CURLFINFOFLAG_KNOWN_HLINKCOUNT (1<<7) /* Content of this structure depends on information which is known and is achievable (e.g. by FTP LIST parsing). Please see the url_easy_setopt(3) man page for callbacks returning this structure -- some fields are mandatory, some others are optional. The FLAG field has special meaning. */ struct curl_fileinfo { char *filename; curlfiletype filetype; time_t time; unsigned int perm; int uid; int gid; curl_off_t size; long int hardlinks; struct { /* If some of these fields is not NULL, it is a pointer to b_data. */ char *time; char *perm; char *user; char *group; char *target; /* pointer to the target filename of a symlink */ } strings; unsigned int flags; /* used internally */ char *b_data; size_t b_size; size_t b_used; }; /* return codes for CURLOPT_CHUNK_BGN_FUNCTION */ #define CURL_CHUNK_BGN_FUNC_OK 0 #define CURL_CHUNK_BGN_FUNC_FAIL 1 /* tell the lib to end the task */ #define CURL_CHUNK_BGN_FUNC_SKIP 2 /* skip this chunk over */ /* if splitting of data transfer is enabled, this callback is called before download of an individual chunk started. Note that parameter "remains" works only for FTP wildcard downloading (for now), otherwise is not used */ typedef long (*curl_chunk_bgn_callback)(const void *transfer_info, void *ptr, int remains); /* return codes for CURLOPT_CHUNK_END_FUNCTION */ #define CURL_CHUNK_END_FUNC_OK 0 #define CURL_CHUNK_END_FUNC_FAIL 1 /* tell the lib to end the task */ /* If splitting of data transfer is enabled this callback is called after download of an individual chunk finished. Note! After this callback was set then it have to be called FOR ALL chunks. Even if downloading of this chunk was skipped in CHUNK_BGN_FUNC. This is the reason why we don't need "transfer_info" parameter in this callback and we are not interested in "remains" parameter too. */ typedef long (*curl_chunk_end_callback)(void *ptr); /* return codes for FNMATCHFUNCTION */ #define CURL_FNMATCHFUNC_MATCH 0 /* string corresponds to the pattern */ #define CURL_FNMATCHFUNC_NOMATCH 1 /* pattern doesn't match the string */ #define CURL_FNMATCHFUNC_FAIL 2 /* an error occurred */ /* callback type for wildcard downloading pattern matching. If the string matches the pattern, return CURL_FNMATCHFUNC_MATCH value, etc. */ typedef int (*curl_fnmatch_callback)(void *ptr, const char *pattern, const char *string); /* These are the return codes for the seek callbacks */ #define CURL_SEEKFUNC_OK 0 #define CURL_SEEKFUNC_FAIL 1 /* fail the entire transfer */ #define CURL_SEEKFUNC_CANTSEEK 2 /* tell libcurl seeking can't be done, so libcurl might try other means instead */ typedef int (*curl_seek_callback)(void *instream, curl_off_t offset, int origin); /* 'whence' */ /* This is a return code for the read callback that, when returned, will signal libcurl to immediately abort the current transfer. */ #define CURL_READFUNC_ABORT 0x10000000 /* This is a return code for the read callback that, when returned, will signal libcurl to pause sending data on the current transfer. */ #define CURL_READFUNC_PAUSE 0x10000001 typedef size_t (*curl_read_callback)(char *buffer, size_t size, size_t nitems, void *instream); typedef enum { CURLSOCKTYPE_IPCXN, /* socket created for a specific IP connection */ CURLSOCKTYPE_ACCEPT, /* socket created by accept() call */ CURLSOCKTYPE_LAST /* never use */ } curlsocktype; /* The return code from the sockopt_callback can signal information back to libcurl: */ #define CURL_SOCKOPT_OK 0 #define CURL_SOCKOPT_ERROR 1 /* causes libcurl to abort and return CURLE_ABORTED_BY_CALLBACK */ #define CURL_SOCKOPT_ALREADY_CONNECTED 2 typedef int (*curl_sockopt_callback)(void *clientp, curl_socket_t curlfd, curlsocktype purpose); struct curl_sockaddr { int family; int socktype; int protocol; unsigned int addrlen; /* addrlen was a socklen_t type before 7.18.0 but it turned really ugly and painful on the systems that lack this type */ struct sockaddr addr; }; typedef curl_socket_t (*curl_opensocket_callback)(void *clientp, curlsocktype purpose, struct curl_sockaddr *address); typedef int (*curl_closesocket_callback)(void *clientp, curl_socket_t item); typedef enum { CURLIOE_OK, /* I/O operation successful */ CURLIOE_UNKNOWNCMD, /* command was unknown to callback */ CURLIOE_FAILRESTART, /* failed to restart the read */ CURLIOE_LAST /* never use */ } curlioerr; typedef enum { CURLIOCMD_NOP, /* no operation */ CURLIOCMD_RESTARTREAD, /* restart the read stream from start */ CURLIOCMD_LAST /* never use */ } curliocmd; typedef curlioerr (*curl_ioctl_callback)(CURL *handle, int cmd, void *clientp); #ifndef CURL_DID_MEMORY_FUNC_TYPEDEFS /* * The following typedef's are signatures of malloc, free, realloc, strdup and * calloc respectively. Function pointers of these types can be passed to the * curl_global_init_mem() function to set user defined memory management * callback routines. */ typedef void *(*curl_malloc_callback)(size_t size); typedef void (*curl_free_callback)(void *ptr); typedef void *(*curl_realloc_callback)(void *ptr, size_t size); typedef char *(*curl_strdup_callback)(const char *str); typedef void *(*curl_calloc_callback)(size_t nmemb, size_t size); #define CURL_DID_MEMORY_FUNC_TYPEDEFS #endif /* the kind of data that is passed to information_callback*/ typedef enum { CURLINFO_TEXT = 0, CURLINFO_HEADER_IN, /* 1 */ CURLINFO_HEADER_OUT, /* 2 */ CURLINFO_DATA_IN, /* 3 */ CURLINFO_DATA_OUT, /* 4 */ CURLINFO_SSL_DATA_IN, /* 5 */ CURLINFO_SSL_DATA_OUT, /* 6 */ CURLINFO_END } curl_infotype; typedef int (*curl_debug_callback) (CURL *handle, /* the handle/transfer this concerns */ curl_infotype type, /* what kind of data */ char *data, /* points to the data */ size_t size, /* size of the data pointed to */ void *userptr); /* whatever the user please */ /* All possible error codes from all sorts of curl functions. Future versions may return other values, stay prepared. Always add new return codes last. Never *EVER* remove any. The return codes must remain the same! */ typedef enum { CURLE_OK = 0, CURLE_UNSUPPORTED_PROTOCOL, /* 1 */ CURLE_FAILED_INIT, /* 2 */ CURLE_URL_MALFORMAT, /* 3 */ CURLE_NOT_BUILT_IN, /* 4 - [was obsoleted in August 2007 for 7.17.0, reused in April 2011 for 7.21.5] */ CURLE_COULDNT_RESOLVE_PROXY, /* 5 */ CURLE_COULDNT_RESOLVE_HOST, /* 6 */ CURLE_COULDNT_CONNECT, /* 7 */ CURLE_WEIRD_SERVER_REPLY, /* 8 */ CURLE_REMOTE_ACCESS_DENIED, /* 9 a service was denied by the server due to lack of access - when login fails this is not returned. */ CURLE_FTP_ACCEPT_FAILED, /* 10 - [was obsoleted in April 2006 for 7.15.4, reused in Dec 2011 for 7.24.0]*/ CURLE_FTP_WEIRD_PASS_REPLY, /* 11 */ CURLE_FTP_ACCEPT_TIMEOUT, /* 12 - timeout occurred accepting server [was obsoleted in August 2007 for 7.17.0, reused in Dec 2011 for 7.24.0]*/ CURLE_FTP_WEIRD_PASV_REPLY, /* 13 */ CURLE_FTP_WEIRD_227_FORMAT, /* 14 */ CURLE_FTP_CANT_GET_HOST, /* 15 */ CURLE_HTTP2, /* 16 - A problem in the http2 framing layer. [was obsoleted in August 2007 for 7.17.0, reused in July 2014 for 7.38.0] */ CURLE_FTP_COULDNT_SET_TYPE, /* 17 */ CURLE_PARTIAL_FILE, /* 18 */ CURLE_FTP_COULDNT_RETR_FILE, /* 19 */ CURLE_OBSOLETE20, /* 20 - NOT USED */ CURLE_QUOTE_ERROR, /* 21 - quote command failure */ CURLE_HTTP_RETURNED_ERROR, /* 22 */ CURLE_WRITE_ERROR, /* 23 */ CURLE_OBSOLETE24, /* 24 - NOT USED */ CURLE_UPLOAD_FAILED, /* 25 - failed upload "command" */ CURLE_READ_ERROR, /* 26 - couldn't open/read from file */ CURLE_OUT_OF_MEMORY, /* 27 */ /* Note: CURLE_OUT_OF_MEMORY may sometimes indicate a conversion error instead of a memory allocation error if CURL_DOES_CONVERSIONS is defined */ CURLE_OPERATION_TIMEDOUT, /* 28 - the timeout time was reached */ CURLE_OBSOLETE29, /* 29 - NOT USED */ CURLE_FTP_PORT_FAILED, /* 30 - FTP PORT operation failed */ CURLE_FTP_COULDNT_USE_REST, /* 31 - the REST command failed */ CURLE_OBSOLETE32, /* 32 - NOT USED */ CURLE_RANGE_ERROR, /* 33 - RANGE "command" didn't work */ CURLE_HTTP_POST_ERROR, /* 34 */ CURLE_SSL_CONNECT_ERROR, /* 35 - wrong when connecting with SSL */ CURLE_BAD_DOWNLOAD_RESUME, /* 36 - couldn't resume download */ CURLE_FILE_COULDNT_READ_FILE, /* 37 */ CURLE_LDAP_CANNOT_BIND, /* 38 */ CURLE_LDAP_SEARCH_FAILED, /* 39 */ CURLE_OBSOLETE40, /* 40 - NOT USED */ CURLE_FUNCTION_NOT_FOUND, /* 41 - NOT USED starting with 7.53.0 */ CURLE_ABORTED_BY_CALLBACK, /* 42 */ CURLE_BAD_FUNCTION_ARGUMENT, /* 43 */ CURLE_OBSOLETE44, /* 44 - NOT USED */ CURLE_INTERFACE_FAILED, /* 45 - CURLOPT_INTERFACE failed */ CURLE_OBSOLETE46, /* 46 - NOT USED */ CURLE_TOO_MANY_REDIRECTS, /* 47 - catch endless re-direct loops */ CURLE_UNKNOWN_OPTION, /* 48 - User specified an unknown option */ CURLE_TELNET_OPTION_SYNTAX, /* 49 - Malformed telnet option */ CURLE_OBSOLETE50, /* 50 - NOT USED */ CURLE_PEER_FAILED_VERIFICATION, /* 51 - peer's certificate or fingerprint wasn't verified fine */ CURLE_GOT_NOTHING, /* 52 - when this is a specific error */ CURLE_SSL_ENGINE_NOTFOUND, /* 53 - SSL crypto engine not found */ CURLE_SSL_ENGINE_SETFAILED, /* 54 - can not set SSL crypto engine as default */ CURLE_SEND_ERROR, /* 55 - failed sending network data */ CURLE_RECV_ERROR, /* 56 - failure in receiving network data */ CURLE_OBSOLETE57, /* 57 - NOT IN USE */ CURLE_SSL_CERTPROBLEM, /* 58 - problem with the local certificate */ CURLE_SSL_CIPHER, /* 59 - couldn't use specified cipher */ CURLE_SSL_CACERT, /* 60 - problem with the CA cert (path?) */ CURLE_BAD_CONTENT_ENCODING, /* 61 - Unrecognized/bad encoding */ CURLE_LDAP_INVALID_URL, /* 62 - Invalid LDAP URL */ CURLE_FILESIZE_EXCEEDED, /* 63 - Maximum file size exceeded */ CURLE_USE_SSL_FAILED, /* 64 - Requested FTP SSL level failed */ CURLE_SEND_FAIL_REWIND, /* 65 - Sending the data requires a rewind that failed */ CURLE_SSL_ENGINE_INITFAILED, /* 66 - failed to initialise ENGINE */ CURLE_LOGIN_DENIED, /* 67 - user, password or similar was not accepted and we failed to login */ CURLE_TFTP_NOTFOUND, /* 68 - file not found on server */ CURLE_TFTP_PERM, /* 69 - permission problem on server */ CURLE_REMOTE_DISK_FULL, /* 70 - out of disk space on server */ CURLE_TFTP_ILLEGAL, /* 71 - Illegal TFTP operation */ CURLE_TFTP_UNKNOWNID, /* 72 - Unknown transfer ID */ CURLE_REMOTE_FILE_EXISTS, /* 73 - File already exists */ CURLE_TFTP_NOSUCHUSER, /* 74 - No such user */ CURLE_CONV_FAILED, /* 75 - conversion failed */ CURLE_CONV_REQD, /* 76 - caller must register conversion callbacks using curl_easy_setopt options CURLOPT_CONV_FROM_NETWORK_FUNCTION, CURLOPT_CONV_TO_NETWORK_FUNCTION, and CURLOPT_CONV_FROM_UTF8_FUNCTION */ CURLE_SSL_CACERT_BADFILE, /* 77 - could not load CACERT file, missing or wrong format */ CURLE_REMOTE_FILE_NOT_FOUND, /* 78 - remote file not found */ CURLE_SSH, /* 79 - error from the SSH layer, somewhat generic so the error message will be of interest when this has happened */ CURLE_SSL_SHUTDOWN_FAILED, /* 80 - Failed to shut down the SSL connection */ CURLE_AGAIN, /* 81 - socket is not ready for send/recv, wait till it's ready and try again (Added in 7.18.2) */ CURLE_SSL_CRL_BADFILE, /* 82 - could not load CRL file, missing or wrong format (Added in 7.19.0) */ CURLE_SSL_ISSUER_ERROR, /* 83 - Issuer check failed. (Added in 7.19.0) */ CURLE_FTP_PRET_FAILED, /* 84 - a PRET command failed */ CURLE_RTSP_CSEQ_ERROR, /* 85 - mismatch of RTSP CSeq numbers */ CURLE_RTSP_SESSION_ERROR, /* 86 - mismatch of RTSP Session Ids */ CURLE_FTP_BAD_FILE_LIST, /* 87 - unable to parse FTP file list */ CURLE_CHUNK_FAILED, /* 88 - chunk callback reported error */ CURLE_NO_CONNECTION_AVAILABLE, /* 89 - No connection available, the session will be queued */ CURLE_SSL_PINNEDPUBKEYNOTMATCH, /* 90 - specified pinned public key did not match */ CURLE_SSL_INVALIDCERTSTATUS, /* 91 - invalid certificate status */ CURLE_HTTP2_STREAM, /* 92 - stream error in HTTP/2 framing layer */ CURL_LAST /* never use! */ } CURLcode; #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all the obsolete stuff removed! */ /* Previously obsolete error code re-used in 7.38.0 */ #define CURLE_OBSOLETE16 CURLE_HTTP2 /* Previously obsolete error codes re-used in 7.24.0 */ #define CURLE_OBSOLETE10 CURLE_FTP_ACCEPT_FAILED #define CURLE_OBSOLETE12 CURLE_FTP_ACCEPT_TIMEOUT /* compatibility with older names */ #define CURLOPT_ENCODING CURLOPT_ACCEPT_ENCODING #define CURLE_FTP_WEIRD_SERVER_REPLY CURLE_WEIRD_SERVER_REPLY /* The following were added in 7.21.5, April 2011 */ #define CURLE_UNKNOWN_TELNET_OPTION CURLE_UNKNOWN_OPTION /* The following were added in 7.17.1 */ /* These are scheduled to disappear by 2009 */ #define CURLE_SSL_PEER_CERTIFICATE CURLE_PEER_FAILED_VERIFICATION /* The following were added in 7.17.0 */ /* These are scheduled to disappear by 2009 */ #define CURLE_OBSOLETE CURLE_OBSOLETE50 /* no one should be using this! */ #define CURLE_BAD_PASSWORD_ENTERED CURLE_OBSOLETE46 #define CURLE_BAD_CALLING_ORDER CURLE_OBSOLETE44 #define CURLE_FTP_USER_PASSWORD_INCORRECT CURLE_OBSOLETE10 #define CURLE_FTP_CANT_RECONNECT CURLE_OBSOLETE16 #define CURLE_FTP_COULDNT_GET_SIZE CURLE_OBSOLETE32 #define CURLE_FTP_COULDNT_SET_ASCII CURLE_OBSOLETE29 #define CURLE_FTP_WEIRD_USER_REPLY CURLE_OBSOLETE12 #define CURLE_FTP_WRITE_ERROR CURLE_OBSOLETE20 #define CURLE_LIBRARY_NOT_FOUND CURLE_OBSOLETE40 #define CURLE_MALFORMAT_USER CURLE_OBSOLETE24 #define CURLE_SHARE_IN_USE CURLE_OBSOLETE57 #define CURLE_URL_MALFORMAT_USER CURLE_NOT_BUILT_IN #define CURLE_FTP_ACCESS_DENIED CURLE_REMOTE_ACCESS_DENIED #define CURLE_FTP_COULDNT_SET_BINARY CURLE_FTP_COULDNT_SET_TYPE #define CURLE_FTP_QUOTE_ERROR CURLE_QUOTE_ERROR #define CURLE_TFTP_DISKFULL CURLE_REMOTE_DISK_FULL #define CURLE_TFTP_EXISTS CURLE_REMOTE_FILE_EXISTS #define CURLE_HTTP_RANGE_ERROR CURLE_RANGE_ERROR #define CURLE_FTP_SSL_FAILED CURLE_USE_SSL_FAILED /* The following were added earlier */ #define CURLE_OPERATION_TIMEOUTED CURLE_OPERATION_TIMEDOUT #define CURLE_HTTP_NOT_FOUND CURLE_HTTP_RETURNED_ERROR #define CURLE_HTTP_PORT_FAILED CURLE_INTERFACE_FAILED #define CURLE_FTP_COULDNT_STOR_FILE CURLE_UPLOAD_FAILED #define CURLE_FTP_PARTIAL_FILE CURLE_PARTIAL_FILE #define CURLE_FTP_BAD_DOWNLOAD_RESUME CURLE_BAD_DOWNLOAD_RESUME /* This was the error code 50 in 7.7.3 and a few earlier versions, this is no longer used by libcurl but is instead #defined here only to not make programs break */ #define CURLE_ALREADY_COMPLETE 99999 /* Provide defines for really old option names */ #define CURLOPT_FILE CURLOPT_WRITEDATA /* name changed in 7.9.7 */ #define CURLOPT_INFILE CURLOPT_READDATA /* name changed in 7.9.7 */ #define CURLOPT_WRITEHEADER CURLOPT_HEADERDATA /* Since long deprecated options with no code in the lib that does anything with them. */ #define CURLOPT_WRITEINFO CURLOPT_OBSOLETE40 #define CURLOPT_CLOSEPOLICY CURLOPT_OBSOLETE72 #endif /*!CURL_NO_OLDIES*/ /* This prototype applies to all conversion callbacks */ typedef CURLcode (*curl_conv_callback)(char *buffer, size_t length); typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl, /* easy handle */ void *ssl_ctx, /* actually an OpenSSL SSL_CTX */ void *userptr); typedef enum { CURLPROXY_HTTP = 0, /* added in 7.10, new in 7.19.4 default is to use CONNECT HTTP/1.1 */ CURLPROXY_HTTP_1_0 = 1, /* added in 7.19.4, force to use CONNECT HTTP/1.0 */ CURLPROXY_HTTPS = 2, /* added in 7.52.0 */ CURLPROXY_SOCKS4 = 4, /* support added in 7.15.2, enum existed already in 7.10 */ CURLPROXY_SOCKS5 = 5, /* added in 7.10 */ CURLPROXY_SOCKS4A = 6, /* added in 7.18.0 */ CURLPROXY_SOCKS5_HOSTNAME = 7 /* Use the SOCKS5 protocol but pass along the host name rather than the IP address. added in 7.18.0 */ } curl_proxytype; /* this enum was added in 7.10 */ /* * Bitmasks for CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH options: * * CURLAUTH_NONE - No HTTP authentication * CURLAUTH_BASIC - HTTP Basic authentication (default) * CURLAUTH_DIGEST - HTTP Digest authentication * CURLAUTH_NEGOTIATE - HTTP Negotiate (SPNEGO) authentication * CURLAUTH_GSSNEGOTIATE - Alias for CURLAUTH_NEGOTIATE (deprecated) * CURLAUTH_NTLM - HTTP NTLM authentication * CURLAUTH_DIGEST_IE - HTTP Digest authentication with IE flavour * CURLAUTH_NTLM_WB - HTTP NTLM authentication delegated to winbind helper * CURLAUTH_ONLY - Use together with a single other type to force no * authentication or just that single type * CURLAUTH_ANY - All fine types set * CURLAUTH_ANYSAFE - All fine types except Basic */ #define CURLAUTH_NONE ((unsigned long)0) #define CURLAUTH_BASIC (((unsigned long)1)<<0) #define CURLAUTH_DIGEST (((unsigned long)1)<<1) #define CURLAUTH_NEGOTIATE (((unsigned long)1)<<2) /* Deprecated since the advent of CURLAUTH_NEGOTIATE */ #define CURLAUTH_GSSNEGOTIATE CURLAUTH_NEGOTIATE #define CURLAUTH_NTLM (((unsigned long)1)<<3) #define CURLAUTH_DIGEST_IE (((unsigned long)1)<<4) #define CURLAUTH_NTLM_WB (((unsigned long)1)<<5) #define CURLAUTH_ONLY (((unsigned long)1)<<31) #define CURLAUTH_ANY (~CURLAUTH_DIGEST_IE) #define CURLAUTH_ANYSAFE (~(CURLAUTH_BASIC|CURLAUTH_DIGEST_IE)) #define CURLSSH_AUTH_ANY ~0 /* all types supported by the server */ #define CURLSSH_AUTH_NONE 0 /* none allowed, silly but complete */ #define CURLSSH_AUTH_PUBLICKEY (1<<0) /* public/private key files */ #define CURLSSH_AUTH_PASSWORD (1<<1) /* password */ #define CURLSSH_AUTH_HOST (1<<2) /* host key files */ #define CURLSSH_AUTH_KEYBOARD (1<<3) /* keyboard interactive */ #define CURLSSH_AUTH_AGENT (1<<4) /* agent (ssh-agent, pageant...) */ #define CURLSSH_AUTH_DEFAULT CURLSSH_AUTH_ANY #define CURLGSSAPI_DELEGATION_NONE 0 /* no delegation (default) */ #define CURLGSSAPI_DELEGATION_POLICY_FLAG (1<<0) /* if permitted by policy */ #define CURLGSSAPI_DELEGATION_FLAG (1<<1) /* delegate always */ #define CURL_ERROR_SIZE 256 enum curl_khtype { CURLKHTYPE_UNKNOWN, CURLKHTYPE_RSA1, CURLKHTYPE_RSA, CURLKHTYPE_DSS }; struct curl_khkey { const char *key; /* points to a zero-terminated string encoded with base64 if len is zero, otherwise to the "raw" data */ size_t len; enum curl_khtype keytype; }; /* this is the set of return values expected from the curl_sshkeycallback callback */ enum curl_khstat { CURLKHSTAT_FINE_ADD_TO_FILE, CURLKHSTAT_FINE, CURLKHSTAT_REJECT, /* reject the connection, return an error */ CURLKHSTAT_DEFER, /* do not accept it, but we can't answer right now so this causes a CURLE_DEFER error but otherwise the connection will be left intact etc */ CURLKHSTAT_LAST /* not for use, only a marker for last-in-list */ }; /* this is the set of status codes pass in to the callback */ enum curl_khmatch { CURLKHMATCH_OK, /* match */ CURLKHMATCH_MISMATCH, /* host found, key mismatch! */ CURLKHMATCH_MISSING, /* no matching host/key found */ CURLKHMATCH_LAST /* not for use, only a marker for last-in-list */ }; typedef int (*curl_sshkeycallback) (CURL *easy, /* easy handle */ const struct curl_khkey *knownkey, /* known */ const struct curl_khkey *foundkey, /* found */ enum curl_khmatch, /* libcurl's view on the keys */ void *clientp); /* custom pointer passed from app */ /* parameter for the CURLOPT_USE_SSL option */ typedef enum { CURLUSESSL_NONE, /* do not attempt to use SSL */ CURLUSESSL_TRY, /* try using SSL, proceed anyway otherwise */ CURLUSESSL_CONTROL, /* SSL for the control connection or fail */ CURLUSESSL_ALL, /* SSL for all communication or fail */ CURLUSESSL_LAST /* not an option, never use */ } curl_usessl; /* Definition of bits for the CURLOPT_SSL_OPTIONS argument: */ /* - ALLOW_BEAST tells libcurl to allow the BEAST SSL vulnerability in the name of improving interoperability with older servers. Some SSL libraries have introduced work-arounds for this flaw but those work-arounds sometimes make the SSL communication fail. To regain functionality with those broken servers, a user can this way allow the vulnerability back. */ #define CURLSSLOPT_ALLOW_BEAST (1<<0) /* - NO_REVOKE tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. */ #define CURLSSLOPT_NO_REVOKE (1<<1) #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all the obsolete stuff removed! */ /* Backwards compatibility with older names */ /* These are scheduled to disappear by 2009 */ #define CURLFTPSSL_NONE CURLUSESSL_NONE #define CURLFTPSSL_TRY CURLUSESSL_TRY #define CURLFTPSSL_CONTROL CURLUSESSL_CONTROL #define CURLFTPSSL_ALL CURLUSESSL_ALL #define CURLFTPSSL_LAST CURLUSESSL_LAST #define curl_ftpssl curl_usessl #endif /*!CURL_NO_OLDIES*/ /* parameter for the CURLOPT_FTP_SSL_CCC option */ typedef enum { CURLFTPSSL_CCC_NONE, /* do not send CCC */ CURLFTPSSL_CCC_PASSIVE, /* Let the server initiate the shutdown */ CURLFTPSSL_CCC_ACTIVE, /* Initiate the shutdown */ CURLFTPSSL_CCC_LAST /* not an option, never use */ } curl_ftpccc; /* parameter for the CURLOPT_FTPSSLAUTH option */ typedef enum { CURLFTPAUTH_DEFAULT, /* let libcurl decide */ CURLFTPAUTH_SSL, /* use "AUTH SSL" */ CURLFTPAUTH_TLS, /* use "AUTH TLS" */ CURLFTPAUTH_LAST /* not an option, never use */ } curl_ftpauth; /* parameter for the CURLOPT_FTP_CREATE_MISSING_DIRS option */ typedef enum { CURLFTP_CREATE_DIR_NONE, /* do NOT create missing dirs! */ CURLFTP_CREATE_DIR, /* (FTP/SFTP) if CWD fails, try MKD and then CWD again if MKD succeeded, for SFTP this does similar magic */ CURLFTP_CREATE_DIR_RETRY, /* (FTP only) if CWD fails, try MKD and then CWD again even if MKD failed! */ CURLFTP_CREATE_DIR_LAST /* not an option, never use */ } curl_ftpcreatedir; /* parameter for the CURLOPT_FTP_FILEMETHOD option */ typedef enum { CURLFTPMETHOD_DEFAULT, /* let libcurl pick */ CURLFTPMETHOD_MULTICWD, /* single CWD operation for each path part */ CURLFTPMETHOD_NOCWD, /* no CWD at all */ CURLFTPMETHOD_SINGLECWD, /* one CWD to full dir, then work on file */ CURLFTPMETHOD_LAST /* not an option, never use */ } curl_ftpmethod; /* bitmask defines for CURLOPT_HEADEROPT */ #define CURLHEADER_UNIFIED 0 #define CURLHEADER_SEPARATE (1<<0) /* CURLPROTO_ defines are for the CURLOPT_*PROTOCOLS options */ #define CURLPROTO_HTTP (1<<0) #define CURLPROTO_HTTPS (1<<1) #define CURLPROTO_FTP (1<<2) #define CURLPROTO_FTPS (1<<3) #define CURLPROTO_SCP (1<<4) #define CURLPROTO_SFTP (1<<5) #define CURLPROTO_TELNET (1<<6) #define CURLPROTO_LDAP (1<<7) #define CURLPROTO_LDAPS (1<<8) #define CURLPROTO_DICT (1<<9) #define CURLPROTO_FILE (1<<10) #define CURLPROTO_TFTP (1<<11) #define CURLPROTO_IMAP (1<<12) #define CURLPROTO_IMAPS (1<<13) #define CURLPROTO_POP3 (1<<14) #define CURLPROTO_POP3S (1<<15) #define CURLPROTO_SMTP (1<<16) #define CURLPROTO_SMTPS (1<<17) #define CURLPROTO_RTSP (1<<18) #define CURLPROTO_RTMP (1<<19) #define CURLPROTO_RTMPT (1<<20) #define CURLPROTO_RTMPE (1<<21) #define CURLPROTO_RTMPTE (1<<22) #define CURLPROTO_RTMPS (1<<23) #define CURLPROTO_RTMPTS (1<<24) #define CURLPROTO_GOPHER (1<<25) #define CURLPROTO_SMB (1<<26) #define CURLPROTO_SMBS (1<<27) #define CURLPROTO_ALL (~0) /* enable everything */ /* long may be 32 or 64 bits, but we should never depend on anything else but 32 */ #define CURLOPTTYPE_LONG 0 #define CURLOPTTYPE_OBJECTPOINT 10000 #define CURLOPTTYPE_STRINGPOINT 10000 #define CURLOPTTYPE_FUNCTIONPOINT 20000 #define CURLOPTTYPE_OFF_T 30000 /* *STRINGPOINT is an alias for OBJECTPOINT to allow tools to extract the string options from the header file */ /* name is uppercase CURLOPT_<name>, type is one of the defined CURLOPTTYPE_<type> number is unique identifier */ #ifdef CINIT #undef CINIT #endif #ifdef CURL_ISOCPP #define CINIT(na,t,nu) CURLOPT_ ## na = CURLOPTTYPE_ ## t + nu #else /* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */ #define LONG CURLOPTTYPE_LONG #define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT #define STRINGPOINT CURLOPTTYPE_OBJECTPOINT #define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT #define OFF_T CURLOPTTYPE_OFF_T #define CINIT(name,type,number) CURLOPT_/**/name = type + number #endif /* * This macro-mania below setups the CURLOPT_[what] enum, to be used with * curl_easy_setopt(). The first argument in the CINIT() macro is the [what] * word. */ typedef enum { /* This is the FILE * or void * the regular output should be written to. */ CINIT(WRITEDATA, OBJECTPOINT, 1), /* The full URL to get/put */ CINIT(URL, STRINGPOINT, 2), /* Port number to connect to, if other than default. */ CINIT(PORT, LONG, 3), /* Name of proxy to use. */ CINIT(PROXY, STRINGPOINT, 4), /* "user:password;options" to use when fetching. */ CINIT(USERPWD, STRINGPOINT, 5), /* "user:password" to use with proxy. */ CINIT(PROXYUSERPWD, STRINGPOINT, 6), /* Range to get, specified as an ASCII string. */ CINIT(RANGE, STRINGPOINT, 7), /* not used */ /* Specified file stream to upload from (use as input): */ CINIT(READDATA, OBJECTPOINT, 9), /* Buffer to receive error messages in, must be at least CURL_ERROR_SIZE * bytes big. If this is not used, error messages go to stderr instead: */ CINIT(ERRORBUFFER, OBJECTPOINT, 10), /* Function that will be called to store the output (instead of fwrite). The * parameters will use fwrite() syntax, make sure to follow them. */ CINIT(WRITEFUNCTION, FUNCTIONPOINT, 11), /* Function that will be called to read the input (instead of fread). The * parameters will use fread() syntax, make sure to follow them. */ CINIT(READFUNCTION, FUNCTIONPOINT, 12), /* Time-out the read operation after this amount of seconds */ CINIT(TIMEOUT, LONG, 13), /* If the CURLOPT_INFILE is used, this can be used to inform libcurl about * how large the file being sent really is. That allows better error * checking and better verifies that the upload was successful. -1 means * unknown size. * * For large file support, there is also a _LARGE version of the key * which takes an off_t type, allowing platforms with larger off_t * sizes to handle larger files. See below for INFILESIZE_LARGE. */ CINIT(INFILESIZE, LONG, 14), /* POST static input fields. */ CINIT(POSTFIELDS, OBJECTPOINT, 15), /* Set the referrer page (needed by some CGIs) */ CINIT(REFERER, STRINGPOINT, 16), /* Set the FTP PORT string (interface name, named or numerical IP address) Use i.e '-' to use default address. */ CINIT(FTPPORT, STRINGPOINT, 17), /* Set the User-Agent string (examined by some CGIs) */ CINIT(USERAGENT, STRINGPOINT, 18), /* If the download receives less than "low speed limit" bytes/second * during "low speed time" seconds, the operations is aborted. * You could i.e if you have a pretty high speed connection, abort if * it is less than 2000 bytes/sec during 20 seconds. */ /* Set the "low speed limit" */ CINIT(LOW_SPEED_LIMIT, LONG, 19), /* Set the "low speed time" */ CINIT(LOW_SPEED_TIME, LONG, 20), /* Set the continuation offset. * * Note there is also a _LARGE version of this key which uses * off_t types, allowing for large file offsets on platforms which * use larger-than-32-bit off_t's. Look below for RESUME_FROM_LARGE. */ CINIT(RESUME_FROM, LONG, 21), /* Set cookie in request: */ CINIT(COOKIE, STRINGPOINT, 22), /* This points to a linked list of headers, struct curl_slist kind. This list is also used for RTSP (in spite of its name) */ CINIT(HTTPHEADER, OBJECTPOINT, 23), /* This points to a linked list of post entries, struct curl_httppost */ CINIT(HTTPPOST, OBJECTPOINT, 24), /* name of the file keeping your private SSL-certificate */ CINIT(SSLCERT, STRINGPOINT, 25), /* password for the SSL or SSH private key */ CINIT(KEYPASSWD, STRINGPOINT, 26), /* send TYPE parameter? */ CINIT(CRLF, LONG, 27), /* send linked-list of QUOTE commands */ CINIT(QUOTE, OBJECTPOINT, 28), /* send FILE * or void * to store headers to, if you use a callback it is simply passed to the callback unmodified */ CINIT(HEADERDATA, OBJECTPOINT, 29), /* point to a file to read the initial cookies from, also enables "cookie awareness" */ CINIT(COOKIEFILE, STRINGPOINT, 31), /* What version to specifically try to use. See CURL_SSLVERSION defines below. */ CINIT(SSLVERSION, LONG, 32), /* What kind of HTTP time condition to use, see defines */ CINIT(TIMECONDITION, LONG, 33), /* Time to use with the above condition. Specified in number of seconds since 1 Jan 1970 */ CINIT(TIMEVALUE, LONG, 34), /* 35 = OBSOLETE */ /* Custom request, for customizing the get command like HTTP: DELETE, TRACE and others FTP: to use a different list command */ CINIT(CUSTOMREQUEST, STRINGPOINT, 36), /* FILE handle to use instead of stderr */ CINIT(STDERR, OBJECTPOINT, 37), /* 38 is not used */ /* send linked-list of post-transfer QUOTE commands */ CINIT(POSTQUOTE, OBJECTPOINT, 39), CINIT(OBSOLETE40, OBJECTPOINT, 40), /* OBSOLETE, do not use! */ CINIT(VERBOSE, LONG, 41), /* talk a lot */ CINIT(HEADER, LONG, 42), /* throw the header out too */ CINIT(NOPROGRESS, LONG, 43), /* shut off the progress meter */ CINIT(NOBODY, LONG, 44), /* use HEAD to get http document */ CINIT(FAILONERROR, LONG, 45), /* no output on http error codes >= 400 */ CINIT(UPLOAD, LONG, 46), /* this is an upload */ CINIT(POST, LONG, 47), /* HTTP POST method */ CINIT(DIRLISTONLY, LONG, 48), /* bare names when listing directories */ CINIT(APPEND, LONG, 50), /* Append instead of overwrite on upload! */ /* Specify whether to read the user+password from the .netrc or the URL. * This must be one of the CURL_NETRC_* enums below. */ CINIT(NETRC, LONG, 51), CINIT(FOLLOWLOCATION, LONG, 52), /* use Location: Luke! */ CINIT(TRANSFERTEXT, LONG, 53), /* transfer data in text/ASCII format */ CINIT(PUT, LONG, 54), /* HTTP PUT */ /* 55 = OBSOLETE */ /* DEPRECATED * Function that will be called instead of the internal progress display * function. This function should be defined as the curl_progress_callback * prototype defines. */ CINIT(PROGRESSFUNCTION, FUNCTIONPOINT, 56), /* Data passed to the CURLOPT_PROGRESSFUNCTION and CURLOPT_XFERINFOFUNCTION callbacks */ CINIT(PROGRESSDATA, OBJECTPOINT, 57), #define CURLOPT_XFERINFODATA CURLOPT_PROGRESSDATA /* We want the referrer field set automatically when following locations */ CINIT(AUTOREFERER, LONG, 58), /* Port of the proxy, can be set in the proxy string as well with: "[host]:[port]" */ CINIT(PROXYPORT, LONG, 59), /* size of the POST input data, if strlen() is not good to use */ CINIT(POSTFIELDSIZE, LONG, 60), /* tunnel non-http operations through a HTTP proxy */ CINIT(HTTPPROXYTUNNEL, LONG, 61), /* Set the interface string to use as outgoing network interface */ CINIT(INTERFACE, STRINGPOINT, 62), /* Set the krb4/5 security level, this also enables krb4/5 awareness. This * is a string, 'clear', 'safe', 'confidential' or 'private'. If the string * is set but doesn't match one of these, 'private' will be used. */ CINIT(KRBLEVEL, STRINGPOINT, 63), /* Set if we should verify the peer in ssl handshake, set 1 to verify. */ CINIT(SSL_VERIFYPEER, LONG, 64), /* The CApath or CAfile used to validate the peer certificate this option is used only if SSL_VERIFYPEER is true */ CINIT(CAINFO, STRINGPOINT, 65), /* 66 = OBSOLETE */ /* 67 = OBSOLETE */ /* Maximum number of http redirects to follow */ CINIT(MAXREDIRS, LONG, 68), /* Pass a long set to 1 to get the date of the requested document (if possible)! Pass a zero to shut it off. */ CINIT(FILETIME, LONG, 69), /* This points to a linked list of telnet options */ CINIT(TELNETOPTIONS, OBJECTPOINT, 70), /* Max amount of cached alive connections */ CINIT(MAXCONNECTS, LONG, 71), CINIT(OBSOLETE72, LONG, 72), /* OBSOLETE, do not use! */ /* 73 = OBSOLETE */ /* Set to explicitly use a new connection for the upcoming transfer. Do not use this unless you're absolutely sure of this, as it makes the operation slower and is less friendly for the network. */ CINIT(FRESH_CONNECT, LONG, 74), /* Set to explicitly forbid the upcoming transfer's connection to be re-used when done. Do not use this unless you're absolutely sure of this, as it makes the operation slower and is less friendly for the network. */ CINIT(FORBID_REUSE, LONG, 75), /* Set to a file name that contains random data for libcurl to use to seed the random engine when doing SSL connects. */ CINIT(RANDOM_FILE, STRINGPOINT, 76), /* Set to the Entropy Gathering Daemon socket pathname */ CINIT(EGDSOCKET, STRINGPOINT, 77), /* Time-out connect operations after this amount of seconds, if connects are OK within this time, then fine... This only aborts the connect phase. */ CINIT(CONNECTTIMEOUT, LONG, 78), /* Function that will be called to store headers (instead of fwrite). The * parameters will use fwrite() syntax, make sure to follow them. */ CINIT(HEADERFUNCTION, FUNCTIONPOINT, 79), /* Set this to force the HTTP request to get back to GET. Only really usable if POST, PUT or a custom request have been used first. */ CINIT(HTTPGET, LONG, 80), /* Set if we should verify the Common name from the peer certificate in ssl * handshake, set 1 to check existence, 2 to ensure that it matches the * provided hostname. */ CINIT(SSL_VERIFYHOST, LONG, 81), /* Specify which file name to write all known cookies in after completed operation. Set file name to "-" (dash) to make it go to stdout. */ CINIT(COOKIEJAR, STRINGPOINT, 82), /* Specify which SSL ciphers to use */ CINIT(SSL_CIPHER_LIST, STRINGPOINT, 83), /* Specify which HTTP version to use! This must be set to one of the CURL_HTTP_VERSION* enums set below. */ CINIT(HTTP_VERSION, LONG, 84), /* Specifically switch on or off the FTP engine's use of the EPSV command. By default, that one will always be attempted before the more traditional PASV command. */ CINIT(FTP_USE_EPSV, LONG, 85), /* type of the file keeping your SSL-certificate ("DER", "PEM", "ENG") */ CINIT(SSLCERTTYPE, STRINGPOINT, 86), /* name of the file keeping your private SSL-key */ CINIT(SSLKEY, STRINGPOINT, 87), /* type of the file keeping your private SSL-key ("DER", "PEM", "ENG") */ CINIT(SSLKEYTYPE, STRINGPOINT, 88), /* crypto engine for the SSL-sub system */ CINIT(SSLENGINE, STRINGPOINT, 89), /* set the crypto engine for the SSL-sub system as default the param has no meaning... */ CINIT(SSLENGINE_DEFAULT, LONG, 90), /* Non-zero value means to use the global dns cache */ CINIT(DNS_USE_GLOBAL_CACHE, LONG, 91), /* DEPRECATED, do not use! */ /* DNS cache timeout */ CINIT(DNS_CACHE_TIMEOUT, LONG, 92), /* send linked-list of pre-transfer QUOTE commands */ CINIT(PREQUOTE, OBJECTPOINT, 93), /* set the debug function */ CINIT(DEBUGFUNCTION, FUNCTIONPOINT, 94), /* set the data for the debug function */ CINIT(DEBUGDATA, OBJECTPOINT, 95), /* mark this as start of a cookie session */ CINIT(COOKIESESSION, LONG, 96), /* The CApath directory used to validate the peer certificate this option is used only if SSL_VERIFYPEER is true */ CINIT(CAPATH, STRINGPOINT, 97), /* Instruct libcurl to use a smaller receive buffer */ CINIT(BUFFERSIZE, LONG, 98), /* Instruct libcurl to not use any signal/alarm handlers, even when using timeouts. This option is useful for multi-threaded applications. See libcurl-the-guide for more background information. */ CINIT(NOSIGNAL, LONG, 99), /* Provide a CURLShare for mutexing non-ts data */ CINIT(SHARE, OBJECTPOINT, 100), /* indicates type of proxy. accepted values are CURLPROXY_HTTP (default), CURLPROXY_HTTPS, CURLPROXY_SOCKS4, CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5. */ CINIT(PROXYTYPE, LONG, 101), /* Set the Accept-Encoding string. Use this to tell a server you would like the response to be compressed. Before 7.21.6, this was known as CURLOPT_ENCODING */ CINIT(ACCEPT_ENCODING, STRINGPOINT, 102), /* Set pointer to private data */ CINIT(PRIVATE, OBJECTPOINT, 103), /* Set aliases for HTTP 200 in the HTTP Response header */ CINIT(HTTP200ALIASES, OBJECTPOINT, 104), /* Continue to send authentication (user+password) when following locations, even when hostname changed. This can potentially send off the name and password to whatever host the server decides. */ CINIT(UNRESTRICTED_AUTH, LONG, 105), /* Specifically switch on or off the FTP engine's use of the EPRT command ( it also disables the LPRT attempt). By default, those ones will always be attempted before the good old traditional PORT command. */ CINIT(FTP_USE_EPRT, LONG, 106), /* Set this to a bitmask value to enable the particular authentications methods you like. Use this in combination with CURLOPT_USERPWD. Note that setting multiple bits may cause extra network round-trips. */ CINIT(HTTPAUTH, LONG, 107), /* Set the ssl context callback function, currently only for OpenSSL ssl_ctx in second argument. The function must be matching the curl_ssl_ctx_callback proto. */ CINIT(SSL_CTX_FUNCTION, FUNCTIONPOINT, 108), /* Set the userdata for the ssl context callback function's third argument */ CINIT(SSL_CTX_DATA, OBJECTPOINT, 109), /* FTP Option that causes missing dirs to be created on the remote server. In 7.19.4 we introduced the convenience enums for this option using the CURLFTP_CREATE_DIR prefix. */ CINIT(FTP_CREATE_MISSING_DIRS, LONG, 110), /* Set this to a bitmask value to enable the particular authentications methods you like. Use this in combination with CURLOPT_PROXYUSERPWD. Note that setting multiple bits may cause extra network round-trips. */ CINIT(PROXYAUTH, LONG, 111), /* FTP option that changes the timeout, in seconds, associated with getting a response. This is different from transfer timeout time and essentially places a demand on the FTP server to acknowledge commands in a timely manner. */ CINIT(FTP_RESPONSE_TIMEOUT, LONG, 112), #define CURLOPT_SERVER_RESPONSE_TIMEOUT CURLOPT_FTP_RESPONSE_TIMEOUT /* Set this option to one of the CURL_IPRESOLVE_* defines (see below) to tell libcurl to resolve names to those IP versions only. This only has affect on systems with support for more than one, i.e IPv4 _and_ IPv6. */ CINIT(IPRESOLVE, LONG, 113), /* Set this option to limit the size of a file that will be downloaded from an HTTP or FTP server. Note there is also _LARGE version which adds large file support for platforms which have larger off_t sizes. See MAXFILESIZE_LARGE below. */ CINIT(MAXFILESIZE, LONG, 114), /* See the comment for INFILESIZE above, but in short, specifies * the size of the file being uploaded. -1 means unknown. */ CINIT(INFILESIZE_LARGE, OFF_T, 115), /* Sets the continuation offset. There is also a LONG version of this; * look above for RESUME_FROM. */ CINIT(RESUME_FROM_LARGE, OFF_T, 116), /* Sets the maximum size of data that will be downloaded from * an HTTP or FTP server. See MAXFILESIZE above for the LONG version. */ CINIT(MAXFILESIZE_LARGE, OFF_T, 117), /* Set this option to the file name of your .netrc file you want libcurl to parse (using the CURLOPT_NETRC option). If not set, libcurl will do a poor attempt to find the user's home directory and check for a .netrc file in there. */ CINIT(NETRC_FILE, STRINGPOINT, 118), /* Enable SSL/TLS for FTP, pick one of: CURLUSESSL_TRY - try using SSL, proceed anyway otherwise CURLUSESSL_CONTROL - SSL for the control connection or fail CURLUSESSL_ALL - SSL for all communication or fail */ CINIT(USE_SSL, LONG, 119), /* The _LARGE version of the standard POSTFIELDSIZE option */ CINIT(POSTFIELDSIZE_LARGE, OFF_T, 120), /* Enable/disable the TCP Nagle algorithm */ CINIT(TCP_NODELAY, LONG, 121), /* 122 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */ /* 123 OBSOLETE. Gone in 7.16.0 */ /* 124 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */ /* 125 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */ /* 126 OBSOLETE, used in 7.12.3. Gone in 7.13.0 */ /* 127 OBSOLETE. Gone in 7.16.0 */ /* 128 OBSOLETE. Gone in 7.16.0 */ /* When FTP over SSL/TLS is selected (with CURLOPT_USE_SSL), this option can be used to change libcurl's default action which is to first try "AUTH SSL" and then "AUTH TLS" in this order, and proceed when a OK response has been received. Available parameters are: CURLFTPAUTH_DEFAULT - let libcurl decide CURLFTPAUTH_SSL - try "AUTH SSL" first, then TLS CURLFTPAUTH_TLS - try "AUTH TLS" first, then SSL */ CINIT(FTPSSLAUTH, LONG, 129), CINIT(IOCTLFUNCTION, FUNCTIONPOINT, 130), CINIT(IOCTLDATA, OBJECTPOINT, 131), /* 132 OBSOLETE. Gone in 7.16.0 */ /* 133 OBSOLETE. Gone in 7.16.0 */ /* zero terminated string for pass on to the FTP server when asked for "account" info */ CINIT(FTP_ACCOUNT, STRINGPOINT, 134), /* feed cookie into cookie engine */ CINIT(COOKIELIST, STRINGPOINT, 135), /* ignore Content-Length */ CINIT(IGNORE_CONTENT_LENGTH, LONG, 136), /* Set to non-zero to skip the IP address received in a 227 PASV FTP server response. Typically used for FTP-SSL purposes but is not restricted to that. libcurl will then instead use the same IP address it used for the control connection. */ CINIT(FTP_SKIP_PASV_IP, LONG, 137), /* Select "file method" to use when doing FTP, see the curl_ftpmethod above. */ CINIT(FTP_FILEMETHOD, LONG, 138), /* Local port number to bind the socket to */ CINIT(LOCALPORT, LONG, 139), /* Number of ports to try, including the first one set with LOCALPORT. Thus, setting it to 1 will make no additional attempts but the first. */ CINIT(LOCALPORTRANGE, LONG, 140), /* no transfer, set up connection and let application use the socket by extracting it with CURLINFO_LASTSOCKET */ CINIT(CONNECT_ONLY, LONG, 141), /* Function that will be called to convert from the network encoding (instead of using the iconv calls in libcurl) */ CINIT(CONV_FROM_NETWORK_FUNCTION, FUNCTIONPOINT, 142), /* Function that will be called to convert to the network encoding (instead of using the iconv calls in libcurl) */ CINIT(CONV_TO_NETWORK_FUNCTION, FUNCTIONPOINT, 143), /* Function that will be called to convert from UTF8 (instead of using the iconv calls in libcurl) Note that this is used only for SSL certificate processing */ CINIT(CONV_FROM_UTF8_FUNCTION, FUNCTIONPOINT, 144), /* if the connection proceeds too quickly then need to slow it down */ /* limit-rate: maximum number of bytes per second to send or receive */ CINIT(MAX_SEND_SPEED_LARGE, OFF_T, 145), CINIT(MAX_RECV_SPEED_LARGE, OFF_T, 146), /* Pointer to command string to send if USER/PASS fails. */ CINIT(FTP_ALTERNATIVE_TO_USER, STRINGPOINT, 147), /* callback function for setting socket options */ CINIT(SOCKOPTFUNCTION, FUNCTIONPOINT, 148), CINIT(SOCKOPTDATA, OBJECTPOINT, 149), /* set to 0 to disable session ID re-use for this transfer, default is enabled (== 1) */ CINIT(SSL_SESSIONID_CACHE, LONG, 150), /* allowed SSH authentication methods */ CINIT(SSH_AUTH_TYPES, LONG, 151), /* Used by scp/sftp to do public/private key authentication */ CINIT(SSH_PUBLIC_KEYFILE, STRINGPOINT, 152), CINIT(SSH_PRIVATE_KEYFILE, STRINGPOINT, 153), /* Send CCC (Clear Command Channel) after authentication */ CINIT(FTP_SSL_CCC, LONG, 154), /* Same as TIMEOUT and CONNECTTIMEOUT, but with ms resolution */ CINIT(TIMEOUT_MS, LONG, 155), CINIT(CONNECTTIMEOUT_MS, LONG, 156), /* set to zero to disable the libcurl's decoding and thus pass the raw body data to the application even when it is encoded/compressed */ CINIT(HTTP_TRANSFER_DECODING, LONG, 157), CINIT(HTTP_CONTENT_DECODING, LONG, 158), /* Permission used when creating new files and directories on the remote server for protocols that support it, SFTP/SCP/FILE */ CINIT(NEW_FILE_PERMS, LONG, 159), CINIT(NEW_DIRECTORY_PERMS, LONG, 160), /* Set the behaviour of POST when redirecting. Values must be set to one of CURL_REDIR* defines below. This used to be called CURLOPT_POST301 */ CINIT(POSTREDIR, LONG, 161), /* used by scp/sftp to verify the host's public key */ CINIT(SSH_HOST_PUBLIC_KEY_MD5, STRINGPOINT, 162), /* Callback function for opening socket (instead of socket(2)). Optionally, callback is able change the address or refuse to connect returning CURL_SOCKET_BAD. The callback should have type curl_opensocket_callback */ CINIT(OPENSOCKETFUNCTION, FUNCTIONPOINT, 163), CINIT(OPENSOCKETDATA, OBJECTPOINT, 164), /* POST volatile input fields. */ CINIT(COPYPOSTFIELDS, OBJECTPOINT, 165), /* set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy */ CINIT(PROXY_TRANSFER_MODE, LONG, 166), /* Callback function for seeking in the input stream */ CINIT(SEEKFUNCTION, FUNCTIONPOINT, 167), CINIT(SEEKDATA, OBJECTPOINT, 168), /* CRL file */ CINIT(CRLFILE, STRINGPOINT, 169), /* Issuer certificate */ CINIT(ISSUERCERT, STRINGPOINT, 170), /* (IPv6) Address scope */ CINIT(ADDRESS_SCOPE, LONG, 171), /* Collect certificate chain info and allow it to get retrievable with CURLINFO_CERTINFO after the transfer is complete. */ CINIT(CERTINFO, LONG, 172), /* "name" and "pwd" to use when fetching. */ CINIT(USERNAME, STRINGPOINT, 173), CINIT(PASSWORD, STRINGPOINT, 174), /* "name" and "pwd" to use with Proxy when fetching. */ CINIT(PROXYUSERNAME, STRINGPOINT, 175), CINIT(PROXYPASSWORD, STRINGPOINT, 176), /* Comma separated list of hostnames defining no-proxy zones. These should match both hostnames directly, and hostnames within a domain. For example, local.com will match local.com and www.local.com, but NOT notlocal.com or www.notlocal.com. For compatibility with other implementations of this, .local.com will be considered to be the same as local.com. A single * is the only valid wildcard, and effectively disables the use of proxy. */ CINIT(NOPROXY, STRINGPOINT, 177), /* block size for TFTP transfers */ CINIT(TFTP_BLKSIZE, LONG, 178), /* Socks Service */ CINIT(SOCKS5_GSSAPI_SERVICE, STRINGPOINT, 179), /* DEPRECATED, do not use! */ /* Socks Service */ CINIT(SOCKS5_GSSAPI_NEC, LONG, 180), /* set the bitmask for the protocols that are allowed to be used for the transfer, which thus helps the app which takes URLs from users or other external inputs and want to restrict what protocol(s) to deal with. Defaults to CURLPROTO_ALL. */ CINIT(PROTOCOLS, LONG, 181), /* set the bitmask for the protocols that libcurl is allowed to follow to, as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs to be set in both bitmasks to be allowed to get redirected to. Defaults to all protocols except FILE and SCP. */ CINIT(REDIR_PROTOCOLS, LONG, 182), /* set the SSH knownhost file name to use */ CINIT(SSH_KNOWNHOSTS, STRINGPOINT, 183), /* set the SSH host key callback, must point to a curl_sshkeycallback function */ CINIT(SSH_KEYFUNCTION, FUNCTIONPOINT, 184), /* set the SSH host key callback custom pointer */ CINIT(SSH_KEYDATA, OBJECTPOINT, 185), /* set the SMTP mail originator */ CINIT(MAIL_FROM, STRINGPOINT, 186), /* set the list of SMTP mail receiver(s) */ CINIT(MAIL_RCPT, OBJECTPOINT, 187), /* FTP: send PRET before PASV */ CINIT(FTP_USE_PRET, LONG, 188), /* RTSP request method (OPTIONS, SETUP, PLAY, etc...) */ CINIT(RTSP_REQUEST, LONG, 189), /* The RTSP session identifier */ CINIT(RTSP_SESSION_ID, STRINGPOINT, 190), /* The RTSP stream URI */ CINIT(RTSP_STREAM_URI, STRINGPOINT, 191), /* The Transport: header to use in RTSP requests */ CINIT(RTSP_TRANSPORT, STRINGPOINT, 192), /* Manually initialize the client RTSP CSeq for this handle */ CINIT(RTSP_CLIENT_CSEQ, LONG, 193), /* Manually initialize the server RTSP CSeq for this handle */ CINIT(RTSP_SERVER_CSEQ, LONG, 194), /* The stream to pass to INTERLEAVEFUNCTION. */ CINIT(INTERLEAVEDATA, OBJECTPOINT, 195), /* Let the application define a custom write method for RTP data */ CINIT(INTERLEAVEFUNCTION, FUNCTIONPOINT, 196), /* Turn on wildcard matching */ CINIT(WILDCARDMATCH, LONG, 197), /* Directory matching callback called before downloading of an individual file (chunk) started */ CINIT(CHUNK_BGN_FUNCTION, FUNCTIONPOINT, 198), /* Directory matching callback called after the file (chunk) was downloaded, or skipped */ CINIT(CHUNK_END_FUNCTION, FUNCTIONPOINT, 199), /* Change match (fnmatch-like) callback for wildcard matching */ CINIT(FNMATCH_FUNCTION, FUNCTIONPOINT, 200), /* Let the application define custom chunk data pointer */ CINIT(CHUNK_DATA, OBJECTPOINT, 201), /* FNMATCH_FUNCTION user pointer */ CINIT(FNMATCH_DATA, OBJECTPOINT, 202), /* send linked-list of name:port:address sets */ CINIT(RESOLVE, OBJECTPOINT, 203), /* Set a username for authenticated TLS */ CINIT(TLSAUTH_USERNAME, STRINGPOINT, 204), /* Set a password for authenticated TLS */ CINIT(TLSAUTH_PASSWORD, STRINGPOINT, 205), /* Set authentication type for authenticated TLS */ CINIT(TLSAUTH_TYPE, STRINGPOINT, 206), /* Set to 1 to enable the "TE:" header in HTTP requests to ask for compressed transfer-encoded responses. Set to 0 to disable the use of TE: in outgoing requests. The current default is 0, but it might change in a future libcurl release. libcurl will ask for the compressed methods it knows of, and if that isn't any, it will not ask for transfer-encoding at all even if this option is set to 1. */ CINIT(TRANSFER_ENCODING, LONG, 207), /* Callback function for closing socket (instead of close(2)). The callback should have type curl_closesocket_callback */ CINIT(CLOSESOCKETFUNCTION, FUNCTIONPOINT, 208), CINIT(CLOSESOCKETDATA, OBJECTPOINT, 209), /* allow GSSAPI credential delegation */ CINIT(GSSAPI_DELEGATION, LONG, 210), /* Set the name servers to use for DNS resolution */ CINIT(DNS_SERVERS, STRINGPOINT, 211), /* Time-out accept operations (currently for FTP only) after this amount of miliseconds. */ CINIT(ACCEPTTIMEOUT_MS, LONG, 212), /* Set TCP keepalive */ CINIT(TCP_KEEPALIVE, LONG, 213), /* non-universal keepalive knobs (Linux, AIX, HP-UX, more) */ CINIT(TCP_KEEPIDLE, LONG, 214), CINIT(TCP_KEEPINTVL, LONG, 215), /* Enable/disable specific SSL features with a bitmask, see CURLSSLOPT_* */ CINIT(SSL_OPTIONS, LONG, 216), /* Set the SMTP auth originator */ CINIT(MAIL_AUTH, STRINGPOINT, 217), /* Enable/disable SASL initial response */ CINIT(SASL_IR, LONG, 218), /* Function that will be called instead of the internal progress display * function. This function should be defined as the curl_xferinfo_callback * prototype defines. (Deprecates CURLOPT_PROGRESSFUNCTION) */ CINIT(XFERINFOFUNCTION, FUNCTIONPOINT, 219), /* The XOAUTH2 bearer token */ CINIT(XOAUTH2_BEARER, STRINGPOINT, 220), /* Set the interface string to use as outgoing network * interface for DNS requests. * Only supported by the c-ares DNS backend */ CINIT(DNS_INTERFACE, STRINGPOINT, 221), /* Set the local IPv4 address to use for outgoing DNS requests. * Only supported by the c-ares DNS backend */ CINIT(DNS_LOCAL_IP4, STRINGPOINT, 222), /* Set the local IPv4 address to use for outgoing DNS requests. * Only supported by the c-ares DNS backend */ CINIT(DNS_LOCAL_IP6, STRINGPOINT, 223), /* Set authentication options directly */ CINIT(LOGIN_OPTIONS, STRINGPOINT, 224), /* Enable/disable TLS NPN extension (http2 over ssl might fail without) */ CINIT(SSL_ENABLE_NPN, LONG, 225), /* Enable/disable TLS ALPN extension (http2 over ssl might fail without) */ CINIT(SSL_ENABLE_ALPN, LONG, 226), /* Time to wait for a response to a HTTP request containing an * Expect: 100-continue header before sending the data anyway. */ CINIT(EXPECT_100_TIMEOUT_MS, LONG, 227), /* This points to a linked list of headers used for proxy requests only, struct curl_slist kind */ CINIT(PROXYHEADER, OBJECTPOINT, 228), /* Pass in a bitmask of "header options" */ CINIT(HEADEROPT, LONG, 229), /* The public key in DER form used to validate the peer public key this option is used only if SSL_VERIFYPEER is true */ CINIT(PINNEDPUBLICKEY, STRINGPOINT, 230), /* Path to Unix domain socket */ CINIT(UNIX_SOCKET_PATH, STRINGPOINT, 231), /* Set if we should verify the certificate status. */ CINIT(SSL_VERIFYSTATUS, LONG, 232), /* Set if we should enable TLS false start. */ CINIT(SSL_FALSESTART, LONG, 233), /* Do not squash dot-dot sequences */ CINIT(PATH_AS_IS, LONG, 234), /* Proxy Service Name */ CINIT(PROXY_SERVICE_NAME, STRINGPOINT, 235), /* Service Name */ CINIT(SERVICE_NAME, STRINGPOINT, 236), /* Wait/don't wait for pipe/mutex to clarify */ CINIT(PIPEWAIT, LONG, 237), /* Set the protocol used when curl is given a URL without a protocol */ CINIT(DEFAULT_PROTOCOL, STRINGPOINT, 238), /* Set stream weight, 1 - 256 (default is 16) */ CINIT(STREAM_WEIGHT, LONG, 239), /* Set stream dependency on another CURL handle */ CINIT(STREAM_DEPENDS, OBJECTPOINT, 240), /* Set E-xclusive stream dependency on another CURL handle */ CINIT(STREAM_DEPENDS_E, OBJECTPOINT, 241), /* Do not send any tftp option requests to the server */ CINIT(TFTP_NO_OPTIONS, LONG, 242), /* Linked-list of host:port:connect-to-host:connect-to-port, overrides the URL's host:port (only for the network layer) */ CINIT(CONNECT_TO, OBJECTPOINT, 243), /* Set TCP Fast Open */ CINIT(TCP_FASTOPEN, LONG, 244), /* Continue to send data if the server responds early with an * HTTP status code >= 300 */ CINIT(KEEP_SENDING_ON_ERROR, LONG, 245), /* The CApath or CAfile used to validate the proxy certificate this option is used only if PROXY_SSL_VERIFYPEER is true */ CINIT(PROXY_CAINFO, STRINGPOINT, 246), /* The CApath directory used to validate the proxy certificate this option is used only if PROXY_SSL_VERIFYPEER is true */ CINIT(PROXY_CAPATH, STRINGPOINT, 247), /* Set if we should verify the proxy in ssl handshake, set 1 to verify. */ CINIT(PROXY_SSL_VERIFYPEER, LONG, 248), /* Set if we should verify the Common name from the proxy certificate in ssl * handshake, set 1 to check existence, 2 to ensure that it matches * the provided hostname. */ CINIT(PROXY_SSL_VERIFYHOST, LONG, 249), /* What version to specifically try to use for proxy. See CURL_SSLVERSION defines below. */ CINIT(PROXY_SSLVERSION, LONG, 250), /* Set a username for authenticated TLS for proxy */ CINIT(PROXY_TLSAUTH_USERNAME, STRINGPOINT, 251), /* Set a password for authenticated TLS for proxy */ CINIT(PROXY_TLSAUTH_PASSWORD, STRINGPOINT, 252), /* Set authentication type for authenticated TLS for proxy */ CINIT(PROXY_TLSAUTH_TYPE, STRINGPOINT, 253), /* name of the file keeping your private SSL-certificate for proxy */ CINIT(PROXY_SSLCERT, STRINGPOINT, 254), /* type of the file keeping your SSL-certificate ("DER", "PEM", "ENG") for proxy */ CINIT(PROXY_SSLCERTTYPE, STRINGPOINT, 255), /* name of the file keeping your private SSL-key for proxy */ CINIT(PROXY_SSLKEY, STRINGPOINT, 256), /* type of the file keeping your private SSL-key ("DER", "PEM", "ENG") for proxy */ CINIT(PROXY_SSLKEYTYPE, STRINGPOINT, 257), /* password for the SSL private key for proxy */ CINIT(PROXY_KEYPASSWD, STRINGPOINT, 258), /* Specify which SSL ciphers to use for proxy */ CINIT(PROXY_SSL_CIPHER_LIST, STRINGPOINT, 259), /* CRL file for proxy */ CINIT(PROXY_CRLFILE, STRINGPOINT, 260), /* Enable/disable specific SSL features with a bitmask for proxy, see CURLSSLOPT_* */ CINIT(PROXY_SSL_OPTIONS, LONG, 261), /* Name of pre proxy to use. */ CINIT(PRE_PROXY, STRINGPOINT, 262), /* The public key in DER form used to validate the proxy public key this option is used only if PROXY_SSL_VERIFYPEER is true */ CINIT(PROXY_PINNEDPUBLICKEY, STRINGPOINT, 263), /* Path to an abstract Unix domain socket */ CINIT(ABSTRACT_UNIX_SOCKET, STRINGPOINT, 264), CURLOPT_LASTENTRY /* the last unused */ } CURLoption; #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all the obsolete stuff removed! */ /* Backwards compatibility with older names */ /* These are scheduled to disappear by 2011 */ /* This was added in version 7.19.1 */ #define CURLOPT_POST301 CURLOPT_POSTREDIR /* These are scheduled to disappear by 2009 */ /* The following were added in 7.17.0 */ #define CURLOPT_SSLKEYPASSWD CURLOPT_KEYPASSWD #define CURLOPT_FTPAPPEND CURLOPT_APPEND #define CURLOPT_FTPLISTONLY CURLOPT_DIRLISTONLY #define CURLOPT_FTP_SSL CURLOPT_USE_SSL /* The following were added earlier */ #define CURLOPT_SSLCERTPASSWD CURLOPT_KEYPASSWD #define CURLOPT_KRB4LEVEL CURLOPT_KRBLEVEL #else /* This is set if CURL_NO_OLDIES is defined at compile-time */ #undef CURLOPT_DNS_USE_GLOBAL_CACHE /* soon obsolete */ #endif /* Below here follows defines for the CURLOPT_IPRESOLVE option. If a host name resolves addresses using more than one IP protocol version, this option might be handy to force libcurl to use a specific IP version. */ #define CURL_IPRESOLVE_WHATEVER 0 /* default, resolves addresses to all IP versions that your system allows */ #define CURL_IPRESOLVE_V4 1 /* resolve to IPv4 addresses */ #define CURL_IPRESOLVE_V6 2 /* resolve to IPv6 addresses */ /* three convenient "aliases" that follow the name scheme better */ #define CURLOPT_RTSPHEADER CURLOPT_HTTPHEADER /* These enums are for use with the CURLOPT_HTTP_VERSION option. */ enum { CURL_HTTP_VERSION_NONE, /* setting this means we don't care, and that we'd like the library to choose the best possible for us! */ CURL_HTTP_VERSION_1_0, /* please use HTTP 1.0 in the request */ CURL_HTTP_VERSION_1_1, /* please use HTTP 1.1 in the request */ CURL_HTTP_VERSION_2_0, /* please use HTTP 2 in the request */ CURL_HTTP_VERSION_2TLS, /* use version 2 for HTTPS, version 1.1 for HTTP */ CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE, /* please use HTTP 2 without HTTP/1.1 Upgrade */ CURL_HTTP_VERSION_LAST /* *ILLEGAL* http version */ }; /* Convenience definition simple because the name of the version is HTTP/2 and not 2.0. The 2_0 version of the enum name was set while the version was still planned to be 2.0 and we stick to it for compatibility. */ #define CURL_HTTP_VERSION_2 CURL_HTTP_VERSION_2_0 /* * Public API enums for RTSP requests */ enum { CURL_RTSPREQ_NONE, /* first in list */ CURL_RTSPREQ_OPTIONS, CURL_RTSPREQ_DESCRIBE, CURL_RTSPREQ_ANNOUNCE, CURL_RTSPREQ_SETUP, CURL_RTSPREQ_PLAY, CURL_RTSPREQ_PAUSE, CURL_RTSPREQ_TEARDOWN, CURL_RTSPREQ_GET_PARAMETER, CURL_RTSPREQ_SET_PARAMETER, CURL_RTSPREQ_RECORD, CURL_RTSPREQ_RECEIVE, CURL_RTSPREQ_LAST /* last in list */ }; /* These enums are for use with the CURLOPT_NETRC option. */ enum CURL_NETRC_OPTION { CURL_NETRC_IGNORED, /* The .netrc will never be read. * This is the default. */ CURL_NETRC_OPTIONAL, /* A user:password in the URL will be preferred * to one in the .netrc. */ CURL_NETRC_REQUIRED, /* A user:password in the URL will be ignored. * Unless one is set programmatically, the .netrc * will be queried. */ CURL_NETRC_LAST }; enum { CURL_SSLVERSION_DEFAULT, CURL_SSLVERSION_TLSv1, /* TLS 1.x */ CURL_SSLVERSION_SSLv2, CURL_SSLVERSION_SSLv3, CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, CURL_SSLVERSION_TLSv1_2, CURL_SSLVERSION_TLSv1_3, CURL_SSLVERSION_LAST /* never use, keep last */ }; enum CURL_TLSAUTH { CURL_TLSAUTH_NONE, CURL_TLSAUTH_SRP, CURL_TLSAUTH_LAST /* never use, keep last */ }; /* symbols to use with CURLOPT_POSTREDIR. CURL_REDIR_POST_301, CURL_REDIR_POST_302 and CURL_REDIR_POST_303 can be bitwise ORed so that CURL_REDIR_POST_301 | CURL_REDIR_POST_302 | CURL_REDIR_POST_303 == CURL_REDIR_POST_ALL */ #define CURL_REDIR_GET_ALL 0 #define CURL_REDIR_POST_301 1 #define CURL_REDIR_POST_302 2 #define CURL_REDIR_POST_303 4 #define CURL_REDIR_POST_ALL \ (CURL_REDIR_POST_301|CURL_REDIR_POST_302|CURL_REDIR_POST_303) typedef enum { CURL_TIMECOND_NONE, CURL_TIMECOND_IFMODSINCE, CURL_TIMECOND_IFUNMODSINCE, CURL_TIMECOND_LASTMOD, CURL_TIMECOND_LAST } curl_TimeCond; /* curl_strequal() and curl_strnequal() are subject for removal in a future libcurl, see lib/README.curlx for details !checksrc! disable SPACEBEFOREPAREN 2 */ CURL_EXTERN int (curl_strequal)(const char *s1, const char *s2); CURL_EXTERN int (curl_strnequal)(const char *s1, const char *s2, size_t n); /* name is uppercase CURLFORM_<name> */ #ifdef CFINIT #undef CFINIT #endif #ifdef CURL_ISOCPP #define CFINIT(name) CURLFORM_ ## name #else /* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */ #define CFINIT(name) CURLFORM_/**/name #endif typedef enum { CFINIT(NOTHING), /********* the first one is unused ************/ /* */ CFINIT(COPYNAME), CFINIT(PTRNAME), CFINIT(NAMELENGTH), CFINIT(COPYCONTENTS), CFINIT(PTRCONTENTS), CFINIT(CONTENTSLENGTH), CFINIT(FILECONTENT), CFINIT(ARRAY), CFINIT(OBSOLETE), CFINIT(FILE), CFINIT(BUFFER), CFINIT(BUFFERPTR), CFINIT(BUFFERLENGTH), CFINIT(CONTENTTYPE), CFINIT(CONTENTHEADER), CFINIT(FILENAME), CFINIT(END), CFINIT(OBSOLETE2), CFINIT(STREAM), CFINIT(CONTENTLEN), /* added in 7.46.0, provide a curl_off_t length */ CURLFORM_LASTENTRY /* the last unused */ } CURLformoption; #undef CFINIT /* done */ /* structure to be used as parameter for CURLFORM_ARRAY */ struct curl_forms { CURLformoption option; const char *value; }; /* use this for multipart formpost building */ /* Returns code for curl_formadd() * * Returns: * CURL_FORMADD_OK on success * CURL_FORMADD_MEMORY if the FormInfo allocation fails * CURL_FORMADD_OPTION_TWICE if one option is given twice for one Form * CURL_FORMADD_NULL if a null pointer was given for a char * CURL_FORMADD_MEMORY if the allocation of a FormInfo struct failed * CURL_FORMADD_UNKNOWN_OPTION if an unknown option was used * CURL_FORMADD_INCOMPLETE if the some FormInfo is not complete (or error) * CURL_FORMADD_MEMORY if a curl_httppost struct cannot be allocated * CURL_FORMADD_MEMORY if some allocation for string copying failed. * CURL_FORMADD_ILLEGAL_ARRAY if an illegal option is used in an array * ***************************************************************************/ typedef enum { CURL_FORMADD_OK, /* first, no error */ CURL_FORMADD_MEMORY, CURL_FORMADD_OPTION_TWICE, CURL_FORMADD_NULL, CURL_FORMADD_UNKNOWN_OPTION, CURL_FORMADD_INCOMPLETE, CURL_FORMADD_ILLEGAL_ARRAY, CURL_FORMADD_DISABLED, /* libcurl was built with this disabled */ CURL_FORMADD_LAST /* last */ } CURLFORMcode; /* * NAME curl_formadd() * * DESCRIPTION * * Pretty advanced function for building multi-part formposts. Each invoke * adds one part that together construct a full post. Then use * CURLOPT_HTTPPOST to send it off to libcurl. */ CURL_EXTERN CURLFORMcode curl_formadd(struct curl_httppost **httppost, struct curl_httppost **last_post, ...); /* * callback function for curl_formget() * The void *arg pointer will be the one passed as second argument to * curl_formget(). * The character buffer passed to it must not be freed. * Should return the buffer length passed to it as the argument "len" on * success. */ typedef size_t (*curl_formget_callback)(void *arg, const char *buf, size_t len); /* * NAME curl_formget() * * DESCRIPTION * * Serialize a curl_httppost struct built with curl_formadd(). * Accepts a void pointer as second argument which will be passed to * the curl_formget_callback function. * Returns 0 on success. */ CURL_EXTERN int curl_formget(struct curl_httppost *form, void *arg, curl_formget_callback append); /* * NAME curl_formfree() * * DESCRIPTION * * Free a multipart formpost previously built with curl_formadd(). */ CURL_EXTERN void curl_formfree(struct curl_httppost *form); /* * NAME curl_getenv() * * DESCRIPTION * * Returns a malloc()'ed string that MUST be curl_free()ed after usage is * complete. DEPRECATED - see lib/README.curlx */ CURL_EXTERN char *curl_getenv(const char *variable); /* * NAME curl_version() * * DESCRIPTION * * Returns a static ascii string of the libcurl version. */ CURL_EXTERN char *curl_version(void); /* * NAME curl_easy_escape() * * DESCRIPTION * * Escapes URL strings (converts all letters consider illegal in URLs to their * %XX versions). This function returns a new allocated string or NULL if an * error occurred. */ CURL_EXTERN char *curl_easy_escape(CURL *handle, const char *string, int length); /* the previous version: */ CURL_EXTERN char *curl_escape(const char *string, int length); /* * NAME curl_easy_unescape() * * DESCRIPTION * * Unescapes URL encoding in strings (converts all %XX codes to their 8bit * versions). This function returns a new allocated string or NULL if an error * occurred. * Conversion Note: On non-ASCII platforms the ASCII %XX codes are * converted into the host encoding. */ CURL_EXTERN char *curl_easy_unescape(CURL *handle, const char *string, int length, int *outlength); /* the previous version */ CURL_EXTERN char *curl_unescape(const char *string, int length); /* * NAME curl_free() * * DESCRIPTION * * Provided for de-allocation in the same translation unit that did the * allocation. Added in libcurl 7.10 */ CURL_EXTERN void curl_free(void *p); /* * NAME curl_global_init() * * DESCRIPTION * * curl_global_init() should be invoked exactly once for each application that * uses libcurl and before any call of other libcurl functions. * * This function is not thread-safe! */ CURL_EXTERN CURLcode curl_global_init(long flags); /* * NAME curl_global_init_mem() * * DESCRIPTION * * curl_global_init() or curl_global_init_mem() should be invoked exactly once * for each application that uses libcurl. This function can be used to * initialize libcurl and set user defined memory management callback * functions. Users can implement memory management routines to check for * memory leaks, check for mis-use of the curl library etc. User registered * callback routines with be invoked by this library instead of the system * memory management routines like malloc, free etc. */ CURL_EXTERN CURLcode curl_global_init_mem(long flags, curl_malloc_callback m, curl_free_callback f, curl_realloc_callback r, curl_strdup_callback s, curl_calloc_callback c); /* * NAME curl_global_cleanup() * * DESCRIPTION * * curl_global_cleanup() should be invoked exactly once for each application * that uses libcurl */ CURL_EXTERN void curl_global_cleanup(void); /* linked-list structure for the CURLOPT_QUOTE option (and other) */ struct curl_slist { char *data; struct curl_slist *next; }; /* * NAME curl_slist_append() * * DESCRIPTION * * Appends a string to a linked list. If no list exists, it will be created * first. Returns the new list, after appending. */ CURL_EXTERN struct curl_slist *curl_slist_append(struct curl_slist *, const char *); /* * NAME curl_slist_free_all() * * DESCRIPTION * * free a previously built curl_slist. */ CURL_EXTERN void curl_slist_free_all(struct curl_slist *); /* * NAME curl_getdate() * * DESCRIPTION * * Returns the time, in seconds since 1 Jan 1970 of the time string given in * the first argument. The time argument in the second parameter is unused * and should be set to NULL. */ CURL_EXTERN time_t curl_getdate(const char *p, const time_t *unused); /* info about the certificate chain, only for OpenSSL builds. Asked for with CURLOPT_CERTINFO / CURLINFO_CERTINFO */ struct curl_certinfo { int num_of_certs; /* number of certificates with information */ struct curl_slist **certinfo; /* for each index in this array, there's a linked list with textual information in the format "name: value" */ }; /* enum for the different supported SSL backends */ typedef enum { CURLSSLBACKEND_NONE = 0, CURLSSLBACKEND_OPENSSL = 1, CURLSSLBACKEND_GNUTLS = 2, CURLSSLBACKEND_NSS = 3, CURLSSLBACKEND_OBSOLETE4 = 4, /* Was QSOSSL. */ CURLSSLBACKEND_GSKIT = 5, CURLSSLBACKEND_POLARSSL = 6, CURLSSLBACKEND_CYASSL = 7, CURLSSLBACKEND_SCHANNEL = 8, CURLSSLBACKEND_DARWINSSL = 9, CURLSSLBACKEND_AXTLS = 10, CURLSSLBACKEND_MBEDTLS = 11 } curl_sslbackend; /* aliases for library clones and renames */ #define CURLSSLBACKEND_LIBRESSL 1 #define CURLSSLBACKEND_BORINGSSL 1 #define CURLSSLBACKEND_WOLFSSL 6 /* Information about the SSL library used and the respective internal SSL handle, which can be used to obtain further information regarding the connection. Asked for with CURLINFO_TLS_SSL_PTR or CURLINFO_TLS_SESSION. */ struct curl_tlssessioninfo { curl_sslbackend backend; void *internals; }; #define CURLINFO_STRING 0x100000 #define CURLINFO_LONG 0x200000 #define CURLINFO_DOUBLE 0x300000 #define CURLINFO_SLIST 0x400000 #define CURLINFO_SOCKET 0x500000 #define CURLINFO_MASK 0x0fffff #define CURLINFO_TYPEMASK 0xf00000 typedef enum { CURLINFO_NONE, /* first, never use this */ CURLINFO_EFFECTIVE_URL = CURLINFO_STRING + 1, CURLINFO_RESPONSE_CODE = CURLINFO_LONG + 2, CURLINFO_TOTAL_TIME = CURLINFO_DOUBLE + 3, CURLINFO_NAMELOOKUP_TIME = CURLINFO_DOUBLE + 4, CURLINFO_CONNECT_TIME = CURLINFO_DOUBLE + 5, CURLINFO_PRETRANSFER_TIME = CURLINFO_DOUBLE + 6, CURLINFO_SIZE_UPLOAD = CURLINFO_DOUBLE + 7, CURLINFO_SIZE_DOWNLOAD = CURLINFO_DOUBLE + 8, CURLINFO_SPEED_DOWNLOAD = CURLINFO_DOUBLE + 9, CURLINFO_SPEED_UPLOAD = CURLINFO_DOUBLE + 10, CURLINFO_HEADER_SIZE = CURLINFO_LONG + 11, CURLINFO_REQUEST_SIZE = CURLINFO_LONG + 12, CURLINFO_SSL_VERIFYRESULT = CURLINFO_LONG + 13, CURLINFO_FILETIME = CURLINFO_LONG + 14, CURLINFO_CONTENT_LENGTH_DOWNLOAD = CURLINFO_DOUBLE + 15, CURLINFO_CONTENT_LENGTH_UPLOAD = CURLINFO_DOUBLE + 16, CURLINFO_STARTTRANSFER_TIME = CURLINFO_DOUBLE + 17, CURLINFO_CONTENT_TYPE = CURLINFO_STRING + 18, CURLINFO_REDIRECT_TIME = CURLINFO_DOUBLE + 19, CURLINFO_REDIRECT_COUNT = CURLINFO_LONG + 20, CURLINFO_PRIVATE = CURLINFO_STRING + 21, CURLINFO_HTTP_CONNECTCODE = CURLINFO_LONG + 22, CURLINFO_HTTPAUTH_AVAIL = CURLINFO_LONG + 23, CURLINFO_PROXYAUTH_AVAIL = CURLINFO_LONG + 24, CURLINFO_OS_ERRNO = CURLINFO_LONG + 25, CURLINFO_NUM_CONNECTS = CURLINFO_LONG + 26, CURLINFO_SSL_ENGINES = CURLINFO_SLIST + 27, CURLINFO_COOKIELIST = CURLINFO_SLIST + 28, CURLINFO_LASTSOCKET = CURLINFO_LONG + 29, CURLINFO_FTP_ENTRY_PATH = CURLINFO_STRING + 30, CURLINFO_REDIRECT_URL = CURLINFO_STRING + 31, CURLINFO_PRIMARY_IP = CURLINFO_STRING + 32, CURLINFO_APPCONNECT_TIME = CURLINFO_DOUBLE + 33, CURLINFO_CERTINFO = CURLINFO_SLIST + 34, CURLINFO_CONDITION_UNMET = CURLINFO_LONG + 35, CURLINFO_RTSP_SESSION_ID = CURLINFO_STRING + 36, CURLINFO_RTSP_CLIENT_CSEQ = CURLINFO_LONG + 37, CURLINFO_RTSP_SERVER_CSEQ = CURLINFO_LONG + 38, CURLINFO_RTSP_CSEQ_RECV = CURLINFO_LONG + 39, CURLINFO_PRIMARY_PORT = CURLINFO_LONG + 40, CURLINFO_LOCAL_IP = CURLINFO_STRING + 41, CURLINFO_LOCAL_PORT = CURLINFO_LONG + 42, CURLINFO_TLS_SESSION = CURLINFO_SLIST + 43, CURLINFO_ACTIVESOCKET = CURLINFO_SOCKET + 44, CURLINFO_TLS_SSL_PTR = CURLINFO_SLIST + 45, CURLINFO_HTTP_VERSION = CURLINFO_LONG + 46, CURLINFO_PROXY_SSL_VERIFYRESULT = CURLINFO_LONG + 47, CURLINFO_PROTOCOL = CURLINFO_LONG + 48, CURLINFO_SCHEME = CURLINFO_STRING + 49, /* Fill in new entries below here! */ CURLINFO_LASTONE = 49 } CURLINFO; /* CURLINFO_RESPONSE_CODE is the new name for the option previously known as CURLINFO_HTTP_CODE */ #define CURLINFO_HTTP_CODE CURLINFO_RESPONSE_CODE typedef enum { CURLCLOSEPOLICY_NONE, /* first, never use this */ CURLCLOSEPOLICY_OLDEST, CURLCLOSEPOLICY_LEAST_RECENTLY_USED, CURLCLOSEPOLICY_LEAST_TRAFFIC, CURLCLOSEPOLICY_SLOWEST, CURLCLOSEPOLICY_CALLBACK, CURLCLOSEPOLICY_LAST /* last, never use this */ } curl_closepolicy; #define CURL_GLOBAL_SSL (1<<0) #define CURL_GLOBAL_WIN32 (1<<1) #define CURL_GLOBAL_ALL (CURL_GLOBAL_SSL|CURL_GLOBAL_WIN32) #define CURL_GLOBAL_NOTHING 0 #define CURL_GLOBAL_DEFAULT CURL_GLOBAL_ALL #define CURL_GLOBAL_ACK_EINTR (1<<2) /***************************************************************************** * Setup defines, protos etc for the sharing stuff. */ /* Different data locks for a single share */ typedef enum { CURL_LOCK_DATA_NONE = 0, /* CURL_LOCK_DATA_SHARE is used internally to say that * the locking is just made to change the internal state of the share * itself. */ CURL_LOCK_DATA_SHARE, CURL_LOCK_DATA_COOKIE, CURL_LOCK_DATA_DNS, CURL_LOCK_DATA_SSL_SESSION, CURL_LOCK_DATA_CONNECT, CURL_LOCK_DATA_LAST } curl_lock_data; /* Different lock access types */ typedef enum { CURL_LOCK_ACCESS_NONE = 0, /* unspecified action */ CURL_LOCK_ACCESS_SHARED = 1, /* for read perhaps */ CURL_LOCK_ACCESS_SINGLE = 2, /* for write perhaps */ CURL_LOCK_ACCESS_LAST /* never use */ } curl_lock_access; typedef void (*curl_lock_function)(CURL *handle, curl_lock_data data, curl_lock_access locktype, void *userptr); typedef void (*curl_unlock_function)(CURL *handle, curl_lock_data data, void *userptr); typedef enum { CURLSHE_OK, /* all is fine */ CURLSHE_BAD_OPTION, /* 1 */ CURLSHE_IN_USE, /* 2 */ CURLSHE_INVALID, /* 3 */ CURLSHE_NOMEM, /* 4 out of memory */ CURLSHE_NOT_BUILT_IN, /* 5 feature not present in lib */ CURLSHE_LAST /* never use */ } CURLSHcode; typedef enum { CURLSHOPT_NONE, /* don't use */ CURLSHOPT_SHARE, /* specify a data type to share */ CURLSHOPT_UNSHARE, /* specify which data type to stop sharing */ CURLSHOPT_LOCKFUNC, /* pass in a 'curl_lock_function' pointer */ CURLSHOPT_UNLOCKFUNC, /* pass in a 'curl_unlock_function' pointer */ CURLSHOPT_USERDATA, /* pass in a user data pointer used in the lock/unlock callback functions */ CURLSHOPT_LAST /* never use */ } CURLSHoption; CURL_EXTERN CURLSH *curl_share_init(void); CURL_EXTERN CURLSHcode curl_share_setopt(CURLSH *, CURLSHoption option, ...); CURL_EXTERN CURLSHcode curl_share_cleanup(CURLSH *); /**************************************************************************** * Structures for querying information about the curl library at runtime. */ typedef enum { CURLVERSION_FIRST, CURLVERSION_SECOND, CURLVERSION_THIRD, CURLVERSION_FOURTH, CURLVERSION_LAST /* never actually use this */ } CURLversion; /* The 'CURLVERSION_NOW' is the symbolic name meant to be used by basically all programs ever that want to get version information. It is meant to be a built-in version number for what kind of struct the caller expects. If the struct ever changes, we redefine the NOW to another enum from above. */ #define CURLVERSION_NOW CURLVERSION_FOURTH typedef struct { CURLversion age; /* age of the returned struct */ const char *version; /* LIBCURL_VERSION */ unsigned int version_num; /* LIBCURL_VERSION_NUM */ const char *host; /* OS/host/cpu/machine when configured */ int features; /* bitmask, see defines below */ const char *ssl_version; /* human readable string */ long ssl_version_num; /* not used anymore, always 0 */ const char *libz_version; /* human readable string */ /* protocols is terminated by an entry with a NULL protoname */ const char * const *protocols; /* The fields below this were added in CURLVERSION_SECOND */ const char *ares; int ares_num; /* This field was added in CURLVERSION_THIRD */ const char *libidn; /* These field were added in CURLVERSION_FOURTH */ /* Same as '_libiconv_version' if built with HAVE_ICONV */ int iconv_ver_num; const char *libssh_version; /* human readable string */ } curl_version_info_data; #define CURL_VERSION_IPV6 (1<<0) /* IPv6-enabled */ #define CURL_VERSION_KERBEROS4 (1<<1) /* Kerberos V4 auth is supported (deprecated) */ #define CURL_VERSION_SSL (1<<2) /* SSL options are present */ #define CURL_VERSION_LIBZ (1<<3) /* libz features are present */ #define CURL_VERSION_NTLM (1<<4) /* NTLM auth is supported */ #define CURL_VERSION_GSSNEGOTIATE (1<<5) /* Negotiate auth is supported (deprecated) */ #define CURL_VERSION_DEBUG (1<<6) /* Built with debug capabilities */ #define CURL_VERSION_ASYNCHDNS (1<<7) /* Asynchronous DNS resolves */ #define CURL_VERSION_SPNEGO (1<<8) /* SPNEGO auth is supported */ #define CURL_VERSION_LARGEFILE (1<<9) /* Supports files larger than 2GB */ #define CURL_VERSION_IDN (1<<10) /* Internationized Domain Names are supported */ #define CURL_VERSION_SSPI (1<<11) /* Built against Windows SSPI */ #define CURL_VERSION_CONV (1<<12) /* Character conversions supported */ #define CURL_VERSION_CURLDEBUG (1<<13) /* Debug memory tracking supported */ #define CURL_VERSION_TLSAUTH_SRP (1<<14) /* TLS-SRP auth is supported */ #define CURL_VERSION_NTLM_WB (1<<15) /* NTLM delegation to winbind helper is suported */ #define CURL_VERSION_HTTP2 (1<<16) /* HTTP2 support built-in */ #define CURL_VERSION_GSSAPI (1<<17) /* Built against a GSS-API library */ #define CURL_VERSION_KERBEROS5 (1<<18) /* Kerberos V5 auth is supported */ #define CURL_VERSION_UNIX_SOCKETS (1<<19) /* Unix domain sockets support */ #define CURL_VERSION_PSL (1<<20) /* Mozilla's Public Suffix List, used for cookie domain verification */ #define CURL_VERSION_HTTPS_PROXY (1<<21) /* HTTPS-proxy support built-in */ /* * NAME curl_version_info() * * DESCRIPTION * * This function returns a pointer to a static copy of the version info * struct. See above. */ CURL_EXTERN curl_version_info_data *curl_version_info(CURLversion); /* * NAME curl_easy_strerror() * * DESCRIPTION * * The curl_easy_strerror function may be used to turn a CURLcode value * into the equivalent human readable error string. This is useful * for printing meaningful error messages. */ CURL_EXTERN const char *curl_easy_strerror(CURLcode); /* * NAME curl_share_strerror() * * DESCRIPTION * * The curl_share_strerror function may be used to turn a CURLSHcode value * into the equivalent human readable error string. This is useful * for printing meaningful error messages. */ CURL_EXTERN const char *curl_share_strerror(CURLSHcode); /* * NAME curl_easy_pause() * * DESCRIPTION * * The curl_easy_pause function pauses or unpauses transfers. Select the new * state by setting the bitmask, use the convenience defines below. * */ CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask); #define CURLPAUSE_RECV (1<<0) #define CURLPAUSE_RECV_CONT (0) #define CURLPAUSE_SEND (1<<2) #define CURLPAUSE_SEND_CONT (0) #define CURLPAUSE_ALL (CURLPAUSE_RECV|CURLPAUSE_SEND) #define CURLPAUSE_CONT (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT) #ifdef __cplusplus } #endif /* unfortunately, the easy.h and multi.h include files need options and info stuff before they can be included! */ #include "easy.h" /* nothing in curl is fun without the easy stuff */ #include "multi.h" /* the typechecker doesn't work in C++ (yet) */ #if defined(__GNUC__) && defined(__GNUC_MINOR__) && \ ((__GNUC__ > 4) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)) && \ !defined(__cplusplus) && !defined(CURL_DISABLE_TYPECHECK) #include "typecheck-gcc.h" #else #if defined(__STDC__) && (__STDC__ >= 1) /* This preprocessor magic that replaces a call with the exact same call is only done to make sure application authors pass exactly three arguments to these functions. */ #define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param) #define curl_easy_getinfo(handle,info,arg) curl_easy_getinfo(handle,info,arg) #define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param) #define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param) #endif /* __STDC__ >= 1 */ #endif /* gcc >= 4.3 && !__cplusplus */ #endif /* __CURL_CURL_H */ |
Added scriptlibs/softwareupdate/curl/include/curl/curlbuild.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 | #ifndef __CURL_CURLBUILD_H #define __CURL_CURLBUILD_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ /* ================================================================ */ /* NOTES FOR CONFIGURE CAPABLE SYSTEMS */ /* ================================================================ */ /* * NOTE 1: * ------- * * See file include/curl/curlbuild.h.in, run configure, and forget * that this file exists it is only used for non-configure systems. * But you can keep reading if you want ;-) * */ /* ================================================================ */ /* NOTES FOR NON-CONFIGURE SYSTEMS */ /* ================================================================ */ /* * NOTE 1: * ------- * * Nothing in this file is intended to be modified or adjusted by the * curl library user nor by the curl library builder. * * If you think that something actually needs to be changed, adjusted * or fixed in this file, then, report it on the libcurl development * mailing list: https://cool.haxx.se/mailman/listinfo/curl-library/ * * Try to keep one section per platform, compiler and architecture, * otherwise, if an existing section is reused for a different one and * later on the original is adjusted, probably the piggybacking one can * be adversely changed. * * In order to differentiate between platforms/compilers/architectures * use only compiler built in predefined preprocessor symbols. * * This header file shall only export symbols which are 'curl' or 'CURL' * prefixed, otherwise public name space would be polluted. * * NOTE 2: * ------- * * For any given platform/compiler curl_off_t must be typedef'ed to a * 64-bit wide signed integral data type. The width of this data type * must remain constant and independent of any possible large file * support settings. * * As an exception to the above, curl_off_t shall be typedef'ed to a * 32-bit wide signed integral data type if there is no 64-bit type. * * As a general rule, curl_off_t shall not be mapped to off_t. This * rule shall only be violated if off_t is the only 64-bit data type * available and the size of off_t is independent of large file support * settings. Keep your build on the safe side avoiding an off_t gating. * If you have a 64-bit off_t then take for sure that another 64-bit * data type exists, dig deeper and you will find it. * * NOTE 3: * ------- * * Right now you might be staring at file include/curl/curlbuild.h.dist or * at file include/curl/curlbuild.h, this is due to the following reason: * file include/curl/curlbuild.h.dist is renamed to include/curl/curlbuild.h * when the libcurl source code distribution archive file is created. * * File include/curl/curlbuild.h.dist is not included in the distribution * archive. File include/curl/curlbuild.h is not present in the git tree. * * The distributed include/curl/curlbuild.h file is only intended to be used * on systems which can not run the also distributed configure script. * * On systems capable of running the configure script, the configure process * will overwrite the distributed include/curl/curlbuild.h file with one that * is suitable and specific to the library being configured and built, which * is generated from the include/curl/curlbuild.h.in template file. * * If you check out from git on a non-configure platform, you must run the * appropriate buildconf* script to set up curlbuild.h and other local files. * */ /* ================================================================ */ /* DEFINITION OF THESE SYMBOLS SHALL NOT TAKE PLACE ANYWHERE ELSE */ /* ================================================================ */ #ifdef CURL_SIZEOF_LONG # error "CURL_SIZEOF_LONG shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_SIZEOF_LONG_already_defined #endif #ifdef CURL_TYPEOF_CURL_SOCKLEN_T # error "CURL_TYPEOF_CURL_SOCKLEN_T shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_TYPEOF_CURL_SOCKLEN_T_already_defined #endif #ifdef CURL_SIZEOF_CURL_SOCKLEN_T # error "CURL_SIZEOF_CURL_SOCKLEN_T shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_SIZEOF_CURL_SOCKLEN_T_already_defined #endif #ifdef CURL_TYPEOF_CURL_OFF_T # error "CURL_TYPEOF_CURL_OFF_T shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_TYPEOF_CURL_OFF_T_already_defined #endif #ifdef CURL_FORMAT_CURL_OFF_T # error "CURL_FORMAT_CURL_OFF_T shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_FORMAT_CURL_OFF_T_already_defined #endif #ifdef CURL_FORMAT_CURL_OFF_TU # error "CURL_FORMAT_CURL_OFF_TU shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_FORMAT_CURL_OFF_TU_already_defined #endif #ifdef CURL_FORMAT_OFF_T # error "CURL_FORMAT_OFF_T shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_FORMAT_OFF_T_already_defined #endif #ifdef CURL_SIZEOF_CURL_OFF_T # error "CURL_SIZEOF_CURL_OFF_T shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_SIZEOF_CURL_OFF_T_already_defined #endif #ifdef CURL_SUFFIX_CURL_OFF_T # error "CURL_SUFFIX_CURL_OFF_T shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_T_already_defined #endif #ifdef CURL_SUFFIX_CURL_OFF_TU # error "CURL_SUFFIX_CURL_OFF_TU shall not be defined except in curlbuild.h" Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_TU_already_defined #endif /* ================================================================ */ /* EXTERNAL INTERFACE SETTINGS FOR NON-CONFIGURE SYSTEMS ONLY */ /* ================================================================ */ #if defined(__DJGPP__) || defined(__GO32__) # if defined(__DJGPP__) && (__DJGPP__ > 1) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # else # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__SALFORDC__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__BORLANDC__) # if (__BORLANDC__ < 0x520) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # else # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T __int64 # define CURL_FORMAT_CURL_OFF_T "I64d" # define CURL_FORMAT_CURL_OFF_TU "I64u" # define CURL_FORMAT_OFF_T "%I64d" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T i64 # define CURL_SUFFIX_CURL_OFF_TU ui64 # endif # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__TURBOC__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__WATCOMC__) # if defined(__386__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T __int64 # define CURL_FORMAT_CURL_OFF_T "I64d" # define CURL_FORMAT_CURL_OFF_TU "I64u" # define CURL_FORMAT_OFF_T "%I64d" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T i64 # define CURL_SUFFIX_CURL_OFF_TU ui64 # else # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__POCC__) # if (__POCC__ < 280) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # elif defined(_MSC_VER) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T __int64 # define CURL_FORMAT_CURL_OFF_T "I64d" # define CURL_FORMAT_CURL_OFF_TU "I64u" # define CURL_FORMAT_OFF_T "%I64d" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T i64 # define CURL_SUFFIX_CURL_OFF_TU ui64 # else # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__LCC__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__SYMBIAN32__) # if defined(__EABI__) /* Treat all ARM compilers equally */ # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # elif defined(__CW32__) # pragma longlong on # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # elif defined(__VC32__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T __int64 # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T unsigned int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__MWERKS__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(_WIN32_WCE) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T __int64 # define CURL_FORMAT_CURL_OFF_T "I64d" # define CURL_FORMAT_CURL_OFF_TU "I64u" # define CURL_FORMAT_OFF_T "%I64d" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T i64 # define CURL_SUFFIX_CURL_OFF_TU ui64 # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__MINGW32__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "I64d" # define CURL_FORMAT_CURL_OFF_TU "I64u" # define CURL_FORMAT_OFF_T "%I64d" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__VMS) # if defined(__VAX) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # else # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T unsigned int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 #elif defined(__OS400__) # if defined(__ILEC400__) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t # define CURL_SIZEOF_CURL_SOCKLEN_T 4 # define CURL_PULL_SYS_TYPES_H 1 # define CURL_PULL_SYS_SOCKET_H 1 # endif #elif defined(__MVS__) # if defined(__IBMC__) || defined(__IBMCPP__) # if defined(_ILP32) # define CURL_SIZEOF_LONG 4 # elif defined(_LP64) # define CURL_SIZEOF_LONG 8 # endif # if defined(_LONG_LONG) # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # elif defined(_LP64) # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # else # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t # define CURL_SIZEOF_CURL_SOCKLEN_T 4 # define CURL_PULL_SYS_TYPES_H 1 # define CURL_PULL_SYS_SOCKET_H 1 # endif #elif defined(__370__) # if defined(__IBMC__) || defined(__IBMCPP__) # if defined(_ILP32) # define CURL_SIZEOF_LONG 4 # elif defined(_LP64) # define CURL_SIZEOF_LONG 8 # endif # if defined(_LONG_LONG) # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # elif defined(_LP64) # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # else # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t # define CURL_SIZEOF_CURL_SOCKLEN_T 4 # define CURL_PULL_SYS_TYPES_H 1 # define CURL_PULL_SYS_SOCKET_H 1 # endif #elif defined(TPF) # define CURL_SIZEOF_LONG 8 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 /* ===================================== */ /* KEEP MSVC THE PENULTIMATE ENTRY */ /* ===================================== */ #elif defined(_MSC_VER) # if (_MSC_VER >= 900) && (_INTEGRAL_MAX_BITS >= 64) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T __int64 # define CURL_FORMAT_CURL_OFF_T "I64d" # define CURL_FORMAT_CURL_OFF_TU "I64u" # define CURL_FORMAT_OFF_T "%I64d" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T i64 # define CURL_SUFFIX_CURL_OFF_TU ui64 # else # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 4 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T int # define CURL_SIZEOF_CURL_SOCKLEN_T 4 /* ===================================== */ /* KEEP GENERIC GCC THE LAST ENTRY */ /* ===================================== */ #elif defined(__GNUC__) # if !defined(__LP64__) && (defined(__ILP32__) || \ defined(__i386__) || defined(__ppc__) || defined(__arm__) || \ defined(__sparc__) || defined(__mips__) || defined(__sh__)) # define CURL_SIZEOF_LONG 4 # define CURL_TYPEOF_CURL_OFF_T long long # define CURL_FORMAT_CURL_OFF_T "lld" # define CURL_FORMAT_CURL_OFF_TU "llu" # define CURL_FORMAT_OFF_T "%lld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T LL # define CURL_SUFFIX_CURL_OFF_TU ULL # elif defined(__LP64__) || \ defined(__x86_64__) || defined(__ppc64__) || defined(__sparc64__) # define CURL_SIZEOF_LONG 8 # define CURL_TYPEOF_CURL_OFF_T long # define CURL_FORMAT_CURL_OFF_T "ld" # define CURL_FORMAT_CURL_OFF_TU "lu" # define CURL_FORMAT_OFF_T "%ld" # define CURL_SIZEOF_CURL_OFF_T 8 # define CURL_SUFFIX_CURL_OFF_T L # define CURL_SUFFIX_CURL_OFF_TU UL # endif # define CURL_TYPEOF_CURL_SOCKLEN_T socklen_t # define CURL_SIZEOF_CURL_SOCKLEN_T 4 # define CURL_PULL_SYS_TYPES_H 1 # define CURL_PULL_SYS_SOCKET_H 1 #else # error "Unknown non-configure build target!" Error Compilation_aborted_Unknown_non_configure_build_target #endif /* CURL_PULL_SYS_TYPES_H is defined above when inclusion of header file */ /* sys/types.h is required here to properly make type definitions below. */ #ifdef CURL_PULL_SYS_TYPES_H # include <sys/types.h> #endif /* CURL_PULL_SYS_SOCKET_H is defined above when inclusion of header file */ /* sys/socket.h is required here to properly make type definitions below. */ #ifdef CURL_PULL_SYS_SOCKET_H # include <sys/socket.h> #endif /* Data type definition of curl_socklen_t. */ #ifdef CURL_TYPEOF_CURL_SOCKLEN_T typedef CURL_TYPEOF_CURL_SOCKLEN_T curl_socklen_t; #endif /* Data type definition of curl_off_t. */ #ifdef CURL_TYPEOF_CURL_OFF_T typedef CURL_TYPEOF_CURL_OFF_T curl_off_t; #endif #endif /* __CURL_CURLBUILD_H */ |
Added scriptlibs/softwareupdate/curl/include/curl/curlrules.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 | #ifndef __CURL_CURLRULES_H #define __CURL_CURLRULES_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ /* ================================================================ */ /* COMPILE TIME SANITY CHECKS */ /* ================================================================ */ /* * NOTE 1: * ------- * * All checks done in this file are intentionally placed in a public * header file which is pulled by curl/curl.h when an application is * being built using an already built libcurl library. Additionally * this file is also included and used when building the library. * * If compilation fails on this file it is certainly sure that the * problem is elsewhere. It could be a problem in the curlbuild.h * header file, or simply that you are using different compilation * settings than those used to build the library. * * Nothing in this file is intended to be modified or adjusted by the * curl library user nor by the curl library builder. * * Do not deactivate any check, these are done to make sure that the * library is properly built and used. * * You can find further help on the libcurl development mailing list: * https://cool.haxx.se/mailman/listinfo/curl-library/ * * NOTE 2 * ------ * * Some of the following compile time checks are based on the fact * that the dimension of a constant array can not be a negative one. * In this way if the compile time verification fails, the compilation * will fail issuing an error. The error description wording is compiler * dependent but it will be quite similar to one of the following: * * "negative subscript or subscript is too large" * "array must have at least one element" * "-1 is an illegal array size" * "size of array is negative" * * If you are building an application which tries to use an already * built libcurl library and you are getting this kind of errors on * this file, it is a clear indication that there is a mismatch between * how the library was built and how you are trying to use it for your * application. Your already compiled or binary library provider is the * only one who can give you the details you need to properly use it. */ /* * Verify that some macros are actually defined. */ #ifndef CURL_SIZEOF_LONG # error "CURL_SIZEOF_LONG definition is missing!" Error Compilation_aborted_CURL_SIZEOF_LONG_is_missing #endif #ifndef CURL_TYPEOF_CURL_SOCKLEN_T # error "CURL_TYPEOF_CURL_SOCKLEN_T definition is missing!" Error Compilation_aborted_CURL_TYPEOF_CURL_SOCKLEN_T_is_missing #endif #ifndef CURL_SIZEOF_CURL_SOCKLEN_T # error "CURL_SIZEOF_CURL_SOCKLEN_T definition is missing!" Error Compilation_aborted_CURL_SIZEOF_CURL_SOCKLEN_T_is_missing #endif #ifndef CURL_TYPEOF_CURL_OFF_T # error "CURL_TYPEOF_CURL_OFF_T definition is missing!" Error Compilation_aborted_CURL_TYPEOF_CURL_OFF_T_is_missing #endif #ifndef CURL_FORMAT_CURL_OFF_T # error "CURL_FORMAT_CURL_OFF_T definition is missing!" Error Compilation_aborted_CURL_FORMAT_CURL_OFF_T_is_missing #endif #ifndef CURL_FORMAT_CURL_OFF_TU # error "CURL_FORMAT_CURL_OFF_TU definition is missing!" Error Compilation_aborted_CURL_FORMAT_CURL_OFF_TU_is_missing #endif #ifndef CURL_FORMAT_OFF_T # error "CURL_FORMAT_OFF_T definition is missing!" Error Compilation_aborted_CURL_FORMAT_OFF_T_is_missing #endif #ifndef CURL_SIZEOF_CURL_OFF_T # error "CURL_SIZEOF_CURL_OFF_T definition is missing!" Error Compilation_aborted_CURL_SIZEOF_CURL_OFF_T_is_missing #endif #ifndef CURL_SUFFIX_CURL_OFF_T # error "CURL_SUFFIX_CURL_OFF_T definition is missing!" Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_T_is_missing #endif #ifndef CURL_SUFFIX_CURL_OFF_TU # error "CURL_SUFFIX_CURL_OFF_TU definition is missing!" Error Compilation_aborted_CURL_SUFFIX_CURL_OFF_TU_is_missing #endif /* * Macros private to this header file. */ #define CurlchkszEQ(t, s) sizeof(t) == s ? 1 : -1 #define CurlchkszGE(t1, t2) sizeof(t1) >= sizeof(t2) ? 1 : -1 /* * Verify that the size previously defined and expected for long * is the same as the one reported by sizeof() at compile time. */ typedef char __curl_rule_01__ [CurlchkszEQ(long, CURL_SIZEOF_LONG)]; /* * Verify that the size previously defined and expected for * curl_off_t is actually the the same as the one reported * by sizeof() at compile time. */ typedef char __curl_rule_02__ [CurlchkszEQ(curl_off_t, CURL_SIZEOF_CURL_OFF_T)]; /* * Verify at compile time that the size of curl_off_t as reported * by sizeof() is greater or equal than the one reported for long * for the current compilation. */ typedef char __curl_rule_03__ [CurlchkszGE(curl_off_t, long)]; /* * Verify that the size previously defined and expected for * curl_socklen_t is actually the the same as the one reported * by sizeof() at compile time. */ typedef char __curl_rule_04__ [CurlchkszEQ(curl_socklen_t, CURL_SIZEOF_CURL_SOCKLEN_T)]; /* * Verify at compile time that the size of curl_socklen_t as reported * by sizeof() is greater or equal than the one reported for int for * the current compilation. */ typedef char __curl_rule_05__ [CurlchkszGE(curl_socklen_t, int)]; /* ================================================================ */ /* EXTERNALLY AND INTERNALLY VISIBLE DEFINITIONS */ /* ================================================================ */ /* * CURL_ISOCPP and CURL_OFF_T_C definitions are done here in order to allow * these to be visible and exported by the external libcurl interface API, * while also making them visible to the library internals, simply including * curl_setup.h, without actually needing to include curl.h internally. * If some day this section would grow big enough, all this should be moved * to its own header file. */ /* * Figure out if we can use the ## preprocessor operator, which is supported * by ISO/ANSI C and C++. Some compilers support it without setting __STDC__ * or __cplusplus so we need to carefully check for them too. */ #if defined(__STDC__) || defined(_MSC_VER) || defined(__cplusplus) || \ defined(__HP_aCC) || defined(__BORLANDC__) || defined(__LCC__) || \ defined(__POCC__) || defined(__SALFORDC__) || defined(__HIGHC__) || \ defined(__ILEC400__) /* This compiler is believed to have an ISO compatible preprocessor */ #define CURL_ISOCPP #else /* This compiler is believed NOT to have an ISO compatible preprocessor */ #undef CURL_ISOCPP #endif /* * Macros for minimum-width signed and unsigned curl_off_t integer constants. */ #if defined(__BORLANDC__) && (__BORLANDC__ == 0x0551) # define __CURL_OFF_T_C_HLPR2(x) x # define __CURL_OFF_T_C_HLPR1(x) __CURL_OFF_T_C_HLPR2(x) # define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \ __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_T) # define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val) ## \ __CURL_OFF_T_C_HLPR1(CURL_SUFFIX_CURL_OFF_TU) #else # ifdef CURL_ISOCPP # define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val ## Suffix # else # define __CURL_OFF_T_C_HLPR2(Val,Suffix) Val/**/Suffix # endif # define __CURL_OFF_T_C_HLPR1(Val,Suffix) __CURL_OFF_T_C_HLPR2(Val,Suffix) # define CURL_OFF_T_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_T) # define CURL_OFF_TU_C(Val) __CURL_OFF_T_C_HLPR1(Val,CURL_SUFFIX_CURL_OFF_TU) #endif /* * Get rid of macros private to this header file. */ #undef CurlchkszEQ #undef CurlchkszGE /* * Get rid of macros not intended to exist beyond this point. */ #undef CURL_PULL_WS2TCPIP_H #undef CURL_PULL_SYS_TYPES_H #undef CURL_PULL_SYS_SOCKET_H #undef CURL_PULL_SYS_POLL_H #undef CURL_PULL_STDINT_H #undef CURL_PULL_INTTYPES_H #undef CURL_TYPEOF_CURL_SOCKLEN_T #undef CURL_TYPEOF_CURL_OFF_T #ifdef CURL_NO_OLDIES #undef CURL_FORMAT_OFF_T /* not required since 7.19.0 - obsoleted in 7.20.0 */ #endif #endif /* __CURL_CURLRULES_H */ |
Added scriptlibs/softwareupdate/curl/include/curl/curlver.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 | #ifndef __CURL_CURLVER_H #define __CURL_CURLVER_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ /* This header file contains nothing but libcurl version info, generated by a script at release-time. This was made its own header file in 7.11.2 */ /* This is the global package copyright */ #define LIBCURL_COPYRIGHT "1996 - 2017 Daniel Stenberg, <daniel@haxx.se>." /* This is the version number of the libcurl package from which this header file origins: */ #define LIBCURL_VERSION "7.53.1" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 #define LIBCURL_VERSION_MINOR 53 #define LIBCURL_VERSION_PATCH 1 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparions by programs. The LIBCURL_VERSION_NUM define will always follow this syntax: 0xXXYYZZ Where XX, YY and ZZ are the main version, release and patch numbers in hexadecimal (using 8 bits each). All three numbers are always represented using two digits. 1.2 would appear as "0x010200" while version 9.11.7 appears as "0x090b07". This 6-digit (24 bits) hexadecimal number does not show pre-release number, and it is always a greater number in a more recent release. It makes comparisons with greater than and less than work. Note: This define is the full hex number and _does not_ use the CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ #define LIBCURL_VERSION_NUM 0x073501 /* * This is the date and time when the full source package was created. The * timestamp is not stored in git, as the timestamp is properly set in the * tarballs by the maketgz script. * * The format of the date should follow this template: * * "Mon Feb 12 11:35:33 UTC 2007" */ #define LIBCURL_TIMESTAMP "Fri Feb 24 07:49:42 UTC 2017" #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|z) #define CURL_AT_LEAST_VERSION(x,y,z) \ (LIBCURL_VERSION_NUM >= CURL_VERSION_BITS(x, y, z)) #endif /* __CURL_CURLVER_H */ |
Added scriptlibs/softwareupdate/curl/include/curl/easy.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 | #ifndef __CURL_EASY_H #define __CURL_EASY_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ #ifdef __cplusplus extern "C" { #endif CURL_EXTERN CURL *curl_easy_init(void); CURL_EXTERN CURLcode curl_easy_setopt(CURL *curl, CURLoption option, ...); CURL_EXTERN CURLcode curl_easy_perform(CURL *curl); CURL_EXTERN void curl_easy_cleanup(CURL *curl); /* * NAME curl_easy_getinfo() * * DESCRIPTION * * Request internal information from the curl session with this function. The * third argument MUST be a pointer to a long, a pointer to a char * or a * pointer to a double (as the documentation describes elsewhere). The data * pointed to will be filled in accordingly and can be relied upon only if the * function returns CURLE_OK. This function is intended to get used *AFTER* a * performed transfer, all results from this function are undefined until the * transfer is completed. */ CURL_EXTERN CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...); /* * NAME curl_easy_duphandle() * * DESCRIPTION * * Creates a new curl session handle with the same options set for the handle * passed in. Duplicating a handle could only be a matter of cloning data and * options, internal state info and things like persistent connections cannot * be transferred. It is useful in multithreaded applications when you can run * curl_easy_duphandle() for each new thread to avoid a series of identical * curl_easy_setopt() invokes in every thread. */ CURL_EXTERN CURL *curl_easy_duphandle(CURL *curl); /* * NAME curl_easy_reset() * * DESCRIPTION * * Re-initializes a CURL handle to the default values. This puts back the * handle to the same state as it was in when it was just created. * * It does keep: live connections, the Session ID cache, the DNS cache and the * cookies. */ CURL_EXTERN void curl_easy_reset(CURL *curl); /* * NAME curl_easy_recv() * * DESCRIPTION * * Receives data from the connected socket. Use after successful * curl_easy_perform() with CURLOPT_CONNECT_ONLY option. */ CURL_EXTERN CURLcode curl_easy_recv(CURL *curl, void *buffer, size_t buflen, size_t *n); /* * NAME curl_easy_send() * * DESCRIPTION * * Sends data over the connected socket. Use after successful * curl_easy_perform() with CURLOPT_CONNECT_ONLY option. */ CURL_EXTERN CURLcode curl_easy_send(CURL *curl, const void *buffer, size_t buflen, size_t *n); #ifdef __cplusplus } #endif #endif |
Added scriptlibs/softwareupdate/curl/include/curl/mprintf.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 | #ifndef __CURL_MPRINTF_H #define __CURL_MPRINTF_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ #include <stdarg.h> #include <stdio.h> /* needed for FILE */ #include "curl.h" /* for CURL_EXTERN */ #ifdef __cplusplus extern "C" { #endif CURL_EXTERN int curl_mprintf(const char *format, ...); CURL_EXTERN int curl_mfprintf(FILE *fd, const char *format, ...); CURL_EXTERN int curl_msprintf(char *buffer, const char *format, ...); CURL_EXTERN int curl_msnprintf(char *buffer, size_t maxlength, const char *format, ...); CURL_EXTERN int curl_mvprintf(const char *format, va_list args); CURL_EXTERN int curl_mvfprintf(FILE *fd, const char *format, va_list args); CURL_EXTERN int curl_mvsprintf(char *buffer, const char *format, va_list args); CURL_EXTERN int curl_mvsnprintf(char *buffer, size_t maxlength, const char *format, va_list args); CURL_EXTERN char *curl_maprintf(const char *format, ...); CURL_EXTERN char *curl_mvaprintf(const char *format, va_list args); #ifdef __cplusplus } #endif #endif /* __CURL_MPRINTF_H */ |
Added scriptlibs/softwareupdate/curl/include/curl/multi.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 | #ifndef __CURL_MULTI_H #define __CURL_MULTI_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ /* This is an "external" header file. Don't give away any internals here! GOALS o Enable a "pull" interface. The application that uses libcurl decides where and when to ask libcurl to get/send data. o Enable multiple simultaneous transfers in the same thread without making it complicated for the application. o Enable the application to select() on its own file descriptors and curl's file descriptors simultaneous easily. */ /* * This header file should not really need to include "curl.h" since curl.h * itself includes this file and we expect user applications to do #include * <curl/curl.h> without the need for especially including multi.h. * * For some reason we added this include here at one point, and rather than to * break existing (wrongly written) libcurl applications, we leave it as-is * but with this warning attached. */ #include "curl.h" #ifdef __cplusplus extern "C" { #endif #if defined(BUILDING_LIBCURL) || defined(CURL_STRICTER) typedef struct Curl_multi CURLM; #else typedef void CURLM; #endif typedef enum { CURLM_CALL_MULTI_PERFORM = -1, /* please call curl_multi_perform() or curl_multi_socket*() soon */ CURLM_OK, CURLM_BAD_HANDLE, /* the passed-in handle is not a valid CURLM handle */ CURLM_BAD_EASY_HANDLE, /* an easy handle was not good/valid */ CURLM_OUT_OF_MEMORY, /* if you ever get this, you're in deep sh*t */ CURLM_INTERNAL_ERROR, /* this is a libcurl bug */ CURLM_BAD_SOCKET, /* the passed in socket argument did not match */ CURLM_UNKNOWN_OPTION, /* curl_multi_setopt() with unsupported option */ CURLM_ADDED_ALREADY, /* an easy handle already added to a multi handle was attempted to get added - again */ CURLM_LAST } CURLMcode; /* just to make code nicer when using curl_multi_socket() you can now check for CURLM_CALL_MULTI_SOCKET too in the same style it works for curl_multi_perform() and CURLM_CALL_MULTI_PERFORM */ #define CURLM_CALL_MULTI_SOCKET CURLM_CALL_MULTI_PERFORM /* bitmask bits for CURLMOPT_PIPELINING */ #define CURLPIPE_NOTHING 0L #define CURLPIPE_HTTP1 1L #define CURLPIPE_MULTIPLEX 2L typedef enum { CURLMSG_NONE, /* first, not used */ CURLMSG_DONE, /* This easy handle has completed. 'result' contains the CURLcode of the transfer */ CURLMSG_LAST /* last, not used */ } CURLMSG; struct CURLMsg { CURLMSG msg; /* what this message means */ CURL *easy_handle; /* the handle it concerns */ union { void *whatever; /* message-specific data */ CURLcode result; /* return code for transfer */ } data; }; typedef struct CURLMsg CURLMsg; /* Based on poll(2) structure and values. * We don't use pollfd and POLL* constants explicitly * to cover platforms without poll(). */ #define CURL_WAIT_POLLIN 0x0001 #define CURL_WAIT_POLLPRI 0x0002 #define CURL_WAIT_POLLOUT 0x0004 struct curl_waitfd { curl_socket_t fd; short events; short revents; /* not supported yet */ }; /* * Name: curl_multi_init() * * Desc: inititalize multi-style curl usage * * Returns: a new CURLM handle to use in all 'curl_multi' functions. */ CURL_EXTERN CURLM *curl_multi_init(void); /* * Name: curl_multi_add_handle() * * Desc: add a standard curl handle to the multi stack * * Returns: CURLMcode type, general multi error code. */ CURL_EXTERN CURLMcode curl_multi_add_handle(CURLM *multi_handle, CURL *curl_handle); /* * Name: curl_multi_remove_handle() * * Desc: removes a curl handle from the multi stack again * * Returns: CURLMcode type, general multi error code. */ CURL_EXTERN CURLMcode curl_multi_remove_handle(CURLM *multi_handle, CURL *curl_handle); /* * Name: curl_multi_fdset() * * Desc: Ask curl for its fd_set sets. The app can use these to select() or * poll() on. We want curl_multi_perform() called as soon as one of * them are ready. * * Returns: CURLMcode type, general multi error code. */ CURL_EXTERN CURLMcode curl_multi_fdset(CURLM *multi_handle, fd_set *read_fd_set, fd_set *write_fd_set, fd_set *exc_fd_set, int *max_fd); /* * Name: curl_multi_wait() * * Desc: Poll on all fds within a CURLM set as well as any * additional fds passed to the function. * * Returns: CURLMcode type, general multi error code. */ CURL_EXTERN CURLMcode curl_multi_wait(CURLM *multi_handle, struct curl_waitfd extra_fds[], unsigned int extra_nfds, int timeout_ms, int *ret); /* * Name: curl_multi_perform() * * Desc: When the app thinks there's data available for curl it calls this * function to read/write whatever there is right now. This returns * as soon as the reads and writes are done. This function does not * require that there actually is data available for reading or that * data can be written, it can be called just in case. It returns * the number of handles that still transfer data in the second * argument's integer-pointer. * * Returns: CURLMcode type, general multi error code. *NOTE* that this only * returns errors etc regarding the whole multi stack. There might * still have occurred problems on invidual transfers even when this * returns OK. */ CURL_EXTERN CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles); /* * Name: curl_multi_cleanup() * * Desc: Cleans up and removes a whole multi stack. It does not free or * touch any individual easy handles in any way. We need to define * in what state those handles will be if this function is called * in the middle of a transfer. * * Returns: CURLMcode type, general multi error code. */ CURL_EXTERN CURLMcode curl_multi_cleanup(CURLM *multi_handle); /* * Name: curl_multi_info_read() * * Desc: Ask the multi handle if there's any messages/informationals from * the individual transfers. Messages include informationals such as * error code from the transfer or just the fact that a transfer is * completed. More details on these should be written down as well. * * Repeated calls to this function will return a new struct each * time, until a special "end of msgs" struct is returned as a signal * that there is no more to get at this point. * * The data the returned pointer points to will not survive calling * curl_multi_cleanup(). * * The 'CURLMsg' struct is meant to be very simple and only contain * very basic informations. If more involved information is wanted, * we will provide the particular "transfer handle" in that struct * and that should/could/would be used in subsequent * curl_easy_getinfo() calls (or similar). The point being that we * must never expose complex structs to applications, as then we'll * undoubtably get backwards compatibility problems in the future. * * Returns: A pointer to a filled-in struct, or NULL if it failed or ran out * of structs. It also writes the number of messages left in the * queue (after this read) in the integer the second argument points * to. */ CURL_EXTERN CURLMsg *curl_multi_info_read(CURLM *multi_handle, int *msgs_in_queue); /* * Name: curl_multi_strerror() * * Desc: The curl_multi_strerror function may be used to turn a CURLMcode * value into the equivalent human readable error string. This is * useful for printing meaningful error messages. * * Returns: A pointer to a zero-terminated error message. */ CURL_EXTERN const char *curl_multi_strerror(CURLMcode); /* * Name: curl_multi_socket() and * curl_multi_socket_all() * * Desc: An alternative version of curl_multi_perform() that allows the * application to pass in one of the file descriptors that have been * detected to have "action" on them and let libcurl perform. * See man page for details. */ #define CURL_POLL_NONE 0 #define CURL_POLL_IN 1 #define CURL_POLL_OUT 2 #define CURL_POLL_INOUT 3 #define CURL_POLL_REMOVE 4 #define CURL_SOCKET_TIMEOUT CURL_SOCKET_BAD #define CURL_CSELECT_IN 0x01 #define CURL_CSELECT_OUT 0x02 #define CURL_CSELECT_ERR 0x04 typedef int (*curl_socket_callback)(CURL *easy, /* easy handle */ curl_socket_t s, /* socket */ int what, /* see above */ void *userp, /* private callback pointer */ void *socketp); /* private socket pointer */ /* * Name: curl_multi_timer_callback * * Desc: Called by libcurl whenever the library detects a change in the * maximum number of milliseconds the app is allowed to wait before * curl_multi_socket() or curl_multi_perform() must be called * (to allow libcurl's timed events to take place). * * Returns: The callback should return zero. */ typedef int (*curl_multi_timer_callback)(CURLM *multi, /* multi handle */ long timeout_ms, /* see above */ void *userp); /* private callback pointer */ CURL_EXTERN CURLMcode curl_multi_socket(CURLM *multi_handle, curl_socket_t s, int *running_handles); CURL_EXTERN CURLMcode curl_multi_socket_action(CURLM *multi_handle, curl_socket_t s, int ev_bitmask, int *running_handles); CURL_EXTERN CURLMcode curl_multi_socket_all(CURLM *multi_handle, int *running_handles); #ifndef CURL_ALLOW_OLD_MULTI_SOCKET /* This macro below was added in 7.16.3 to push users who recompile to use the new curl_multi_socket_action() instead of the old curl_multi_socket() */ #define curl_multi_socket(x,y,z) curl_multi_socket_action(x,y,0,z) #endif /* * Name: curl_multi_timeout() * * Desc: Returns the maximum number of milliseconds the app is allowed to * wait before curl_multi_socket() or curl_multi_perform() must be * called (to allow libcurl's timed events to take place). * * Returns: CURLM error code. */ CURL_EXTERN CURLMcode curl_multi_timeout(CURLM *multi_handle, long *milliseconds); #undef CINIT /* re-using the same name as in curl.h */ #ifdef CURL_ISOCPP #define CINIT(name,type,num) CURLMOPT_ ## name = CURLOPTTYPE_ ## type + num #else /* The macro "##" is ISO C, we assume pre-ISO C doesn't support it. */ #define LONG CURLOPTTYPE_LONG #define OBJECTPOINT CURLOPTTYPE_OBJECTPOINT #define FUNCTIONPOINT CURLOPTTYPE_FUNCTIONPOINT #define OFF_T CURLOPTTYPE_OFF_T #define CINIT(name,type,number) CURLMOPT_/**/name = type + number #endif typedef enum { /* This is the socket callback function pointer */ CINIT(SOCKETFUNCTION, FUNCTIONPOINT, 1), /* This is the argument passed to the socket callback */ CINIT(SOCKETDATA, OBJECTPOINT, 2), /* set to 1 to enable pipelining for this multi handle */ CINIT(PIPELINING, LONG, 3), /* This is the timer callback function pointer */ CINIT(TIMERFUNCTION, FUNCTIONPOINT, 4), /* This is the argument passed to the timer callback */ CINIT(TIMERDATA, OBJECTPOINT, 5), /* maximum number of entries in the connection cache */ CINIT(MAXCONNECTS, LONG, 6), /* maximum number of (pipelining) connections to one host */ CINIT(MAX_HOST_CONNECTIONS, LONG, 7), /* maximum number of requests in a pipeline */ CINIT(MAX_PIPELINE_LENGTH, LONG, 8), /* a connection with a content-length longer than this will not be considered for pipelining */ CINIT(CONTENT_LENGTH_PENALTY_SIZE, OFF_T, 9), /* a connection with a chunk length longer than this will not be considered for pipelining */ CINIT(CHUNK_LENGTH_PENALTY_SIZE, OFF_T, 10), /* a list of site names(+port) that are blacklisted from pipelining */ CINIT(PIPELINING_SITE_BL, OBJECTPOINT, 11), /* a list of server types that are blacklisted from pipelining */ CINIT(PIPELINING_SERVER_BL, OBJECTPOINT, 12), /* maximum number of open connections in total */ CINIT(MAX_TOTAL_CONNECTIONS, LONG, 13), /* This is the server push callback function pointer */ CINIT(PUSHFUNCTION, FUNCTIONPOINT, 14), /* This is the argument passed to the server push callback */ CINIT(PUSHDATA, OBJECTPOINT, 15), CURLMOPT_LASTENTRY /* the last unused */ } CURLMoption; /* * Name: curl_multi_setopt() * * Desc: Sets options for the multi handle. * * Returns: CURLM error code. */ CURL_EXTERN CURLMcode curl_multi_setopt(CURLM *multi_handle, CURLMoption option, ...); /* * Name: curl_multi_assign() * * Desc: This function sets an association in the multi handle between the * given socket and a private pointer of the application. This is * (only) useful for curl_multi_socket uses. * * Returns: CURLM error code. */ CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle, curl_socket_t sockfd, void *sockp); /* * Name: curl_push_callback * * Desc: This callback gets called when a new stream is being pushed by the * server. It approves or denies the new stream. * * Returns: CURL_PUSH_OK or CURL_PUSH_DENY. */ #define CURL_PUSH_OK 0 #define CURL_PUSH_DENY 1 struct curl_pushheaders; /* forward declaration only */ CURL_EXTERN char *curl_pushheader_bynum(struct curl_pushheaders *h, size_t num); CURL_EXTERN char *curl_pushheader_byname(struct curl_pushheaders *h, const char *name); typedef int (*curl_push_callback)(CURL *parent, CURL *easy, size_t num_headers, struct curl_pushheaders *headers, void *userp); #ifdef __cplusplus } /* end of extern "C" */ #endif #endif |
Added scriptlibs/softwareupdate/curl/include/curl/stdcheaders.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | #ifndef __STDC_HEADERS_H #define __STDC_HEADERS_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ #include <sys/types.h> size_t fread(void *, size_t, size_t, FILE *); size_t fwrite(const void *, size_t, size_t, FILE *); int strcasecmp(const char *, const char *); int strncasecmp(const char *, const char *, size_t); #endif /* __STDC_HEADERS_H */ |
Added scriptlibs/softwareupdate/curl/include/curl/typecheck-gcc.h.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 | #ifndef __CURL_TYPECHECK_GCC_H #define __CURL_TYPECHECK_GCC_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | * / __| | | | |_) | | * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at https://curl.haxx.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. * * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY * KIND, either express or implied. * ***************************************************************************/ /* wraps curl_easy_setopt() with typechecking */ /* To add a new kind of warning, add an * if(_curl_is_sometype_option(_curl_opt)) * if(!_curl_is_sometype(value)) * _curl_easy_setopt_err_sometype(); * block and define _curl_is_sometype_option, _curl_is_sometype and * _curl_easy_setopt_err_sometype below * * NOTE: We use two nested 'if' statements here instead of the && operator, in * order to work around gcc bug #32061. It affects only gcc 4.3.x/4.4.x * when compiling with -Wlogical-op. * * To add an option that uses the same type as an existing option, you'll just * need to extend the appropriate _curl_*_option macro */ #define curl_easy_setopt(handle, option, value) \ __extension__ ({ \ __typeof__(option) _curl_opt = option; \ if(__builtin_constant_p(_curl_opt)) { \ if(_curl_is_long_option(_curl_opt)) \ if(!_curl_is_long(value)) \ _curl_easy_setopt_err_long(); \ if(_curl_is_off_t_option(_curl_opt)) \ if(!_curl_is_off_t(value)) \ _curl_easy_setopt_err_curl_off_t(); \ if(_curl_is_string_option(_curl_opt)) \ if(!_curl_is_string(value)) \ _curl_easy_setopt_err_string(); \ if(_curl_is_write_cb_option(_curl_opt)) \ if(!_curl_is_write_cb(value)) \ _curl_easy_setopt_err_write_callback(); \ if((_curl_opt) == CURLOPT_READFUNCTION) \ if(!_curl_is_read_cb(value)) \ _curl_easy_setopt_err_read_cb(); \ if((_curl_opt) == CURLOPT_IOCTLFUNCTION) \ if(!_curl_is_ioctl_cb(value)) \ _curl_easy_setopt_err_ioctl_cb(); \ if((_curl_opt) == CURLOPT_SOCKOPTFUNCTION) \ if(!_curl_is_sockopt_cb(value)) \ _curl_easy_setopt_err_sockopt_cb(); \ if((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION) \ if(!_curl_is_opensocket_cb(value)) \ _curl_easy_setopt_err_opensocket_cb(); \ if((_curl_opt) == CURLOPT_PROGRESSFUNCTION) \ if(!_curl_is_progress_cb(value)) \ _curl_easy_setopt_err_progress_cb(); \ if((_curl_opt) == CURLOPT_DEBUGFUNCTION) \ if(!_curl_is_debug_cb(value)) \ _curl_easy_setopt_err_debug_cb(); \ if((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION) \ if(!_curl_is_ssl_ctx_cb(value)) \ _curl_easy_setopt_err_ssl_ctx_cb(); \ if(_curl_is_conv_cb_option(_curl_opt)) \ if(!_curl_is_conv_cb(value)) \ _curl_easy_setopt_err_conv_cb(); \ if((_curl_opt) == CURLOPT_SEEKFUNCTION) \ if(!_curl_is_seek_cb(value)) \ _curl_easy_setopt_err_seek_cb(); \ if(_curl_is_cb_data_option(_curl_opt)) \ if(!_curl_is_cb_data(value)) \ _curl_easy_setopt_err_cb_data(); \ if((_curl_opt) == CURLOPT_ERRORBUFFER) \ if(!_curl_is_error_buffer(value)) \ _curl_easy_setopt_err_error_buffer(); \ if((_curl_opt) == CURLOPT_STDERR) \ if(!_curl_is_FILE(value)) \ _curl_easy_setopt_err_FILE(); \ if(_curl_is_postfields_option(_curl_opt)) \ if(!_curl_is_postfields(value)) \ _curl_easy_setopt_err_postfields(); \ if((_curl_opt) == CURLOPT_HTTPPOST) \ if(!_curl_is_arr((value), struct curl_httppost)) \ _curl_easy_setopt_err_curl_httpost(); \ if(_curl_is_slist_option(_curl_opt)) \ if(!_curl_is_arr((value), struct curl_slist)) \ _curl_easy_setopt_err_curl_slist(); \ if((_curl_opt) == CURLOPT_SHARE) \ if(!_curl_is_ptr((value), CURLSH)) \ _curl_easy_setopt_err_CURLSH(); \ } \ curl_easy_setopt(handle, _curl_opt, value); \ }) /* wraps curl_easy_getinfo() with typechecking */ /* FIXME: don't allow const pointers */ #define curl_easy_getinfo(handle, info, arg) \ __extension__ ({ \ __typeof__(info) _curl_info = info; \ if(__builtin_constant_p(_curl_info)) { \ if(_curl_is_string_info(_curl_info)) \ if(!_curl_is_arr((arg), char *)) \ _curl_easy_getinfo_err_string(); \ if(_curl_is_long_info(_curl_info)) \ if(!_curl_is_arr((arg), long)) \ _curl_easy_getinfo_err_long(); \ if(_curl_is_double_info(_curl_info)) \ if(!_curl_is_arr((arg), double)) \ _curl_easy_getinfo_err_double(); \ if(_curl_is_slist_info(_curl_info)) \ if(!_curl_is_arr((arg), struct curl_slist *)) \ _curl_easy_getinfo_err_curl_slist(); \ } \ curl_easy_getinfo(handle, _curl_info, arg); \ }) /* TODO: typechecking for curl_share_setopt() and curl_multi_setopt(), * for now just make sure that the functions are called with three * arguments */ #define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param) #define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param) /* the actual warnings, triggered by calling the _curl_easy_setopt_err* * functions */ /* To define a new warning, use _CURL_WARNING(identifier, "message") */ #define _CURL_WARNING(id, message) \ static void __attribute__((__warning__(message))) \ __attribute__((__unused__)) __attribute__((__noinline__)) \ id(void) { __asm__(""); } _CURL_WARNING(_curl_easy_setopt_err_long, "curl_easy_setopt expects a long argument for this option") _CURL_WARNING(_curl_easy_setopt_err_curl_off_t, "curl_easy_setopt expects a curl_off_t argument for this option") _CURL_WARNING(_curl_easy_setopt_err_string, "curl_easy_setopt expects a " "string ('char *' or char[]) argument for this option" ) _CURL_WARNING(_curl_easy_setopt_err_write_callback, "curl_easy_setopt expects a curl_write_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_read_cb, "curl_easy_setopt expects a curl_read_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_ioctl_cb, "curl_easy_setopt expects a curl_ioctl_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_sockopt_cb, "curl_easy_setopt expects a curl_sockopt_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_opensocket_cb, "curl_easy_setopt expects a " "curl_opensocket_callback argument for this option" ) _CURL_WARNING(_curl_easy_setopt_err_progress_cb, "curl_easy_setopt expects a curl_progress_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_debug_cb, "curl_easy_setopt expects a curl_debug_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_ssl_ctx_cb, "curl_easy_setopt expects a curl_ssl_ctx_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_conv_cb, "curl_easy_setopt expects a curl_conv_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_seek_cb, "curl_easy_setopt expects a curl_seek_callback argument for this option") _CURL_WARNING(_curl_easy_setopt_err_cb_data, "curl_easy_setopt expects a " "private data pointer as argument for this option") _CURL_WARNING(_curl_easy_setopt_err_error_buffer, "curl_easy_setopt expects a " "char buffer of CURL_ERROR_SIZE as argument for this option") _CURL_WARNING(_curl_easy_setopt_err_FILE, "curl_easy_setopt expects a 'FILE *' argument for this option") _CURL_WARNING(_curl_easy_setopt_err_postfields, "curl_easy_setopt expects a 'void *' or 'char *' argument for this option") _CURL_WARNING(_curl_easy_setopt_err_curl_httpost, "curl_easy_setopt expects a 'struct curl_httppost *' " "argument for this option") _CURL_WARNING(_curl_easy_setopt_err_curl_slist, "curl_easy_setopt expects a 'struct curl_slist *' argument for this option") _CURL_WARNING(_curl_easy_setopt_err_CURLSH, "curl_easy_setopt expects a CURLSH* argument for this option") _CURL_WARNING(_curl_easy_getinfo_err_string, "curl_easy_getinfo expects a pointer to 'char *' for this info") _CURL_WARNING(_curl_easy_getinfo_err_long, "curl_easy_getinfo expects a pointer to long for this info") _CURL_WARNING(_curl_easy_getinfo_err_double, "curl_easy_getinfo expects a pointer to double for this info") _CURL_WARNING(_curl_easy_getinfo_err_curl_slist, "curl_easy_getinfo expects a pointer to 'struct curl_slist *' for this info") /* groups of curl_easy_setops options that take the same type of argument */ /* To add a new option to one of the groups, just add * (option) == CURLOPT_SOMETHING * to the or-expression. If the option takes a long or curl_off_t, you don't * have to do anything */ /* evaluates to true if option takes a long argument */ #define _curl_is_long_option(option) \ (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT) #define _curl_is_off_t_option(option) \ ((option) > CURLOPTTYPE_OFF_T) /* evaluates to true if option takes a char* argument */ #define _curl_is_string_option(option) \ ((option) == CURLOPT_ABSTRACT_UNIX_SOCKET || \ (option) == CURLOPT_ACCEPT_ENCODING || \ (option) == CURLOPT_CAINFO || \ (option) == CURLOPT_CAPATH || \ (option) == CURLOPT_COOKIE || \ (option) == CURLOPT_COOKIEFILE || \ (option) == CURLOPT_COOKIEJAR || \ (option) == CURLOPT_COOKIELIST || \ (option) == CURLOPT_CRLFILE || \ (option) == CURLOPT_CUSTOMREQUEST || \ (option) == CURLOPT_DEFAULT_PROTOCOL || \ (option) == CURLOPT_DNS_INTERFACE || \ (option) == CURLOPT_DNS_LOCAL_IP4 || \ (option) == CURLOPT_DNS_LOCAL_IP6 || \ (option) == CURLOPT_DNS_SERVERS || \ (option) == CURLOPT_EGDSOCKET || \ (option) == CURLOPT_FTPPORT || \ (option) == CURLOPT_FTP_ACCOUNT || \ (option) == CURLOPT_FTP_ALTERNATIVE_TO_USER || \ (option) == CURLOPT_INTERFACE || \ (option) == CURLOPT_ISSUERCERT || \ (option) == CURLOPT_KEYPASSWD || \ (option) == CURLOPT_KRBLEVEL || \ (option) == CURLOPT_LOGIN_OPTIONS || \ (option) == CURLOPT_MAIL_AUTH || \ (option) == CURLOPT_MAIL_FROM || \ (option) == CURLOPT_NETRC_FILE || \ (option) == CURLOPT_NOPROXY || \ (option) == CURLOPT_PASSWORD || \ (option) == CURLOPT_PINNEDPUBLICKEY || \ (option) == CURLOPT_PROXY || \ (option) == CURLOPT_PROXYPASSWORD || \ (option) == CURLOPT_PROXYUSERNAME || \ (option) == CURLOPT_PROXYUSERPWD || \ (option) == CURLOPT_PROXY_SERVICE_NAME || \ (option) == CURLOPT_RANDOM_FILE || \ (option) == CURLOPT_RANGE || \ (option) == CURLOPT_REFERER || \ (option) == CURLOPT_RTSP_SESSION_ID || \ (option) == CURLOPT_RTSP_STREAM_URI || \ (option) == CURLOPT_RTSP_TRANSPORT || \ (option) == CURLOPT_SERVICE_NAME || \ (option) == CURLOPT_SOCKS5_GSSAPI_SERVICE || \ (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 || \ (option) == CURLOPT_SSH_KNOWNHOSTS || \ (option) == CURLOPT_SSH_PRIVATE_KEYFILE || \ (option) == CURLOPT_SSH_PUBLIC_KEYFILE || \ (option) == CURLOPT_SSLCERT || \ (option) == CURLOPT_SSLCERTTYPE || \ (option) == CURLOPT_SSLENGINE || \ (option) == CURLOPT_SSLKEY || \ (option) == CURLOPT_SSLKEYTYPE || \ (option) == CURLOPT_SSL_CIPHER_LIST || \ (option) == CURLOPT_TLSAUTH_PASSWORD || \ (option) == CURLOPT_TLSAUTH_TYPE || \ (option) == CURLOPT_TLSAUTH_USERNAME || \ (option) == CURLOPT_UNIX_SOCKET_PATH || \ (option) == CURLOPT_URL || \ (option) == CURLOPT_USERAGENT || \ (option) == CURLOPT_USERNAME || \ (option) == CURLOPT_USERPWD || \ (option) == CURLOPT_XOAUTH2_BEARER || \ 0) /* evaluates to true if option takes a curl_write_callback argument */ #define _curl_is_write_cb_option(option) \ ((option) == CURLOPT_HEADERFUNCTION || \ (option) == CURLOPT_WRITEFUNCTION) /* evaluates to true if option takes a curl_conv_callback argument */ #define _curl_is_conv_cb_option(option) \ ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION || \ (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION || \ (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION) /* evaluates to true if option takes a data argument to pass to a callback */ #define _curl_is_cb_data_option(option) \ ((option) == CURLOPT_CHUNK_DATA || \ (option) == CURLOPT_CLOSESOCKETDATA || \ (option) == CURLOPT_DEBUGDATA || \ (option) == CURLOPT_FNMATCH_DATA || \ (option) == CURLOPT_HEADERDATA || \ (option) == CURLOPT_INTERLEAVEDATA || \ (option) == CURLOPT_IOCTLDATA || \ (option) == CURLOPT_OPENSOCKETDATA || \ (option) == CURLOPT_PRIVATE || \ (option) == CURLOPT_PROGRESSDATA || \ (option) == CURLOPT_READDATA || \ (option) == CURLOPT_SEEKDATA || \ (option) == CURLOPT_SOCKOPTDATA || \ (option) == CURLOPT_SSH_KEYDATA || \ (option) == CURLOPT_SSL_CTX_DATA || \ (option) == CURLOPT_WRITEDATA || \ 0) /* evaluates to true if option takes a POST data argument (void* or char*) */ #define _curl_is_postfields_option(option) \ ((option) == CURLOPT_POSTFIELDS || \ (option) == CURLOPT_COPYPOSTFIELDS || \ 0) /* evaluates to true if option takes a struct curl_slist * argument */ #define _curl_is_slist_option(option) \ ((option) == CURLOPT_HTTP200ALIASES || \ (option) == CURLOPT_HTTPHEADER || \ (option) == CURLOPT_MAIL_RCPT || \ (option) == CURLOPT_POSTQUOTE || \ (option) == CURLOPT_PREQUOTE || \ (option) == CURLOPT_PROXYHEADER || \ (option) == CURLOPT_QUOTE || \ (option) == CURLOPT_RESOLVE || \ (option) == CURLOPT_TELNETOPTIONS || \ 0) /* groups of curl_easy_getinfo infos that take the same type of argument */ /* evaluates to true if info expects a pointer to char * argument */ #define _curl_is_string_info(info) \ (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG) /* evaluates to true if info expects a pointer to long argument */ #define _curl_is_long_info(info) \ (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE) /* evaluates to true if info expects a pointer to double argument */ #define _curl_is_double_info(info) \ (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST) /* true if info expects a pointer to struct curl_slist * argument */ #define _curl_is_slist_info(info) \ (CURLINFO_SLIST < (info)) /* typecheck helpers -- check whether given expression has requested type*/ /* For pointers, you can use the _curl_is_ptr/_curl_is_arr macros, * otherwise define a new macro. Search for __builtin_types_compatible_p * in the GCC manual. * NOTE: these macros MUST NOT EVALUATE their arguments! The argument is * the actual expression passed to the curl_easy_setopt macro. This * means that you can only apply the sizeof and __typeof__ operators, no * == or whatsoever. */ /* XXX: should evaluate to true iff expr is a pointer */ #define _curl_is_any_ptr(expr) \ (sizeof(expr) == sizeof(void *)) /* evaluates to true if expr is NULL */ /* XXX: must not evaluate expr, so this check is not accurate */ #define _curl_is_NULL(expr) \ (__builtin_types_compatible_p(__typeof__(expr), __typeof__(NULL))) /* evaluates to true if expr is type*, const type* or NULL */ #define _curl_is_ptr(expr, type) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), type *) || \ __builtin_types_compatible_p(__typeof__(expr), const type *)) /* evaluates to true if expr is one of type[], type*, NULL or const type* */ #define _curl_is_arr(expr, type) \ (_curl_is_ptr((expr), type) || \ __builtin_types_compatible_p(__typeof__(expr), type [])) /* evaluates to true if expr is a string */ #define _curl_is_string(expr) \ (_curl_is_arr((expr), char) || \ _curl_is_arr((expr), signed char) || \ _curl_is_arr((expr), unsigned char)) /* evaluates to true if expr is a long (no matter the signedness) * XXX: for now, int is also accepted (and therefore short and char, which * are promoted to int when passed to a variadic function) */ #define _curl_is_long(expr) \ (__builtin_types_compatible_p(__typeof__(expr), long) || \ __builtin_types_compatible_p(__typeof__(expr), signed long) || \ __builtin_types_compatible_p(__typeof__(expr), unsigned long) || \ __builtin_types_compatible_p(__typeof__(expr), int) || \ __builtin_types_compatible_p(__typeof__(expr), signed int) || \ __builtin_types_compatible_p(__typeof__(expr), unsigned int) || \ __builtin_types_compatible_p(__typeof__(expr), short) || \ __builtin_types_compatible_p(__typeof__(expr), signed short) || \ __builtin_types_compatible_p(__typeof__(expr), unsigned short) || \ __builtin_types_compatible_p(__typeof__(expr), char) || \ __builtin_types_compatible_p(__typeof__(expr), signed char) || \ __builtin_types_compatible_p(__typeof__(expr), unsigned char)) /* evaluates to true if expr is of type curl_off_t */ #define _curl_is_off_t(expr) \ (__builtin_types_compatible_p(__typeof__(expr), curl_off_t)) /* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */ /* XXX: also check size of an char[] array? */ #define _curl_is_error_buffer(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), char *) || \ __builtin_types_compatible_p(__typeof__(expr), char[])) /* evaluates to true if expr is of type (const) void* or (const) FILE* */ #if 0 #define _curl_is_cb_data(expr) \ (_curl_is_ptr((expr), void) || \ _curl_is_ptr((expr), FILE)) #else /* be less strict */ #define _curl_is_cb_data(expr) \ _curl_is_any_ptr(expr) #endif /* evaluates to true if expr is of type FILE* */ #define _curl_is_FILE(expr) \ (__builtin_types_compatible_p(__typeof__(expr), FILE *)) /* evaluates to true if expr can be passed as POST data (void* or char*) */ #define _curl_is_postfields(expr) \ (_curl_is_ptr((expr), void) || \ _curl_is_arr((expr), char)) /* FIXME: the whole callback checking is messy... * The idea is to tolerate char vs. void and const vs. not const * pointers in arguments at least */ /* helper: __builtin_types_compatible_p distinguishes between functions and * function pointers, hide it */ #define _curl_callback_compatible(func, type) \ (__builtin_types_compatible_p(__typeof__(func), type) || \ __builtin_types_compatible_p(__typeof__(func), type*)) /* evaluates to true if expr is of type curl_read_callback or "similar" */ #define _curl_is_read_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), __typeof__(fread)) || \ __builtin_types_compatible_p(__typeof__(expr), curl_read_callback) || \ _curl_callback_compatible((expr), _curl_read_callback1) || \ _curl_callback_compatible((expr), _curl_read_callback2) || \ _curl_callback_compatible((expr), _curl_read_callback3) || \ _curl_callback_compatible((expr), _curl_read_callback4) || \ _curl_callback_compatible((expr), _curl_read_callback5) || \ _curl_callback_compatible((expr), _curl_read_callback6)) typedef size_t (_curl_read_callback1)(char *, size_t, size_t, void *); typedef size_t (_curl_read_callback2)(char *, size_t, size_t, const void *); typedef size_t (_curl_read_callback3)(char *, size_t, size_t, FILE *); typedef size_t (_curl_read_callback4)(void *, size_t, size_t, void *); typedef size_t (_curl_read_callback5)(void *, size_t, size_t, const void *); typedef size_t (_curl_read_callback6)(void *, size_t, size_t, FILE *); /* evaluates to true if expr is of type curl_write_callback or "similar" */ #define _curl_is_write_cb(expr) \ (_curl_is_read_cb(expr) || \ __builtin_types_compatible_p(__typeof__(expr), __typeof__(fwrite)) || \ __builtin_types_compatible_p(__typeof__(expr), curl_write_callback) || \ _curl_callback_compatible((expr), _curl_write_callback1) || \ _curl_callback_compatible((expr), _curl_write_callback2) || \ _curl_callback_compatible((expr), _curl_write_callback3) || \ _curl_callback_compatible((expr), _curl_write_callback4) || \ _curl_callback_compatible((expr), _curl_write_callback5) || \ _curl_callback_compatible((expr), _curl_write_callback6)) typedef size_t (_curl_write_callback1)(const char *, size_t, size_t, void *); typedef size_t (_curl_write_callback2)(const char *, size_t, size_t, const void *); typedef size_t (_curl_write_callback3)(const char *, size_t, size_t, FILE *); typedef size_t (_curl_write_callback4)(const void *, size_t, size_t, void *); typedef size_t (_curl_write_callback5)(const void *, size_t, size_t, const void *); typedef size_t (_curl_write_callback6)(const void *, size_t, size_t, FILE *); /* evaluates to true if expr is of type curl_ioctl_callback or "similar" */ #define _curl_is_ioctl_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_ioctl_callback) || \ _curl_callback_compatible((expr), _curl_ioctl_callback1) || \ _curl_callback_compatible((expr), _curl_ioctl_callback2) || \ _curl_callback_compatible((expr), _curl_ioctl_callback3) || \ _curl_callback_compatible((expr), _curl_ioctl_callback4)) typedef curlioerr (_curl_ioctl_callback1)(CURL *, int, void *); typedef curlioerr (_curl_ioctl_callback2)(CURL *, int, const void *); typedef curlioerr (_curl_ioctl_callback3)(CURL *, curliocmd, void *); typedef curlioerr (_curl_ioctl_callback4)(CURL *, curliocmd, const void *); /* evaluates to true if expr is of type curl_sockopt_callback or "similar" */ #define _curl_is_sockopt_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_sockopt_callback) || \ _curl_callback_compatible((expr), _curl_sockopt_callback1) || \ _curl_callback_compatible((expr), _curl_sockopt_callback2)) typedef int (_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype); typedef int (_curl_sockopt_callback2)(const void *, curl_socket_t, curlsocktype); /* evaluates to true if expr is of type curl_opensocket_callback or "similar" */ #define _curl_is_opensocket_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_opensocket_callback) ||\ _curl_callback_compatible((expr), _curl_opensocket_callback1) || \ _curl_callback_compatible((expr), _curl_opensocket_callback2) || \ _curl_callback_compatible((expr), _curl_opensocket_callback3) || \ _curl_callback_compatible((expr), _curl_opensocket_callback4)) typedef curl_socket_t (_curl_opensocket_callback1) (void *, curlsocktype, struct curl_sockaddr *); typedef curl_socket_t (_curl_opensocket_callback2) (void *, curlsocktype, const struct curl_sockaddr *); typedef curl_socket_t (_curl_opensocket_callback3) (const void *, curlsocktype, struct curl_sockaddr *); typedef curl_socket_t (_curl_opensocket_callback4) (const void *, curlsocktype, const struct curl_sockaddr *); /* evaluates to true if expr is of type curl_progress_callback or "similar" */ #define _curl_is_progress_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_progress_callback) || \ _curl_callback_compatible((expr), _curl_progress_callback1) || \ _curl_callback_compatible((expr), _curl_progress_callback2)) typedef int (_curl_progress_callback1)(void *, double, double, double, double); typedef int (_curl_progress_callback2)(const void *, double, double, double, double); /* evaluates to true if expr is of type curl_debug_callback or "similar" */ #define _curl_is_debug_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_debug_callback) || \ _curl_callback_compatible((expr), _curl_debug_callback1) || \ _curl_callback_compatible((expr), _curl_debug_callback2) || \ _curl_callback_compatible((expr), _curl_debug_callback3) || \ _curl_callback_compatible((expr), _curl_debug_callback4) || \ _curl_callback_compatible((expr), _curl_debug_callback5) || \ _curl_callback_compatible((expr), _curl_debug_callback6) || \ _curl_callback_compatible((expr), _curl_debug_callback7) || \ _curl_callback_compatible((expr), _curl_debug_callback8)) typedef int (_curl_debug_callback1) (CURL *, curl_infotype, char *, size_t, void *); typedef int (_curl_debug_callback2) (CURL *, curl_infotype, char *, size_t, const void *); typedef int (_curl_debug_callback3) (CURL *, curl_infotype, const char *, size_t, void *); typedef int (_curl_debug_callback4) (CURL *, curl_infotype, const char *, size_t, const void *); typedef int (_curl_debug_callback5) (CURL *, curl_infotype, unsigned char *, size_t, void *); typedef int (_curl_debug_callback6) (CURL *, curl_infotype, unsigned char *, size_t, const void *); typedef int (_curl_debug_callback7) (CURL *, curl_infotype, const unsigned char *, size_t, void *); typedef int (_curl_debug_callback8) (CURL *, curl_infotype, const unsigned char *, size_t, const void *); /* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */ /* this is getting even messier... */ #define _curl_is_ssl_ctx_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_ssl_ctx_callback) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback1) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback2) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback3) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback4) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback5) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback6) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback7) || \ _curl_callback_compatible((expr), _curl_ssl_ctx_callback8)) typedef CURLcode (_curl_ssl_ctx_callback1)(CURL *, void *, void *); typedef CURLcode (_curl_ssl_ctx_callback2)(CURL *, void *, const void *); typedef CURLcode (_curl_ssl_ctx_callback3)(CURL *, const void *, void *); typedef CURLcode (_curl_ssl_ctx_callback4)(CURL *, const void *, const void *); #ifdef HEADER_SSL_H /* hack: if we included OpenSSL's ssl.h, we know about SSL_CTX * this will of course break if we're included before OpenSSL headers... */ typedef CURLcode (_curl_ssl_ctx_callback5)(CURL *, SSL_CTX, void *); typedef CURLcode (_curl_ssl_ctx_callback6)(CURL *, SSL_CTX, const void *); typedef CURLcode (_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX, void *); typedef CURLcode (_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX, const void *); #else typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5; typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6; typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback7; typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8; #endif /* evaluates to true if expr is of type curl_conv_callback or "similar" */ #define _curl_is_conv_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_conv_callback) || \ _curl_callback_compatible((expr), _curl_conv_callback1) || \ _curl_callback_compatible((expr), _curl_conv_callback2) || \ _curl_callback_compatible((expr), _curl_conv_callback3) || \ _curl_callback_compatible((expr), _curl_conv_callback4)) typedef CURLcode (*_curl_conv_callback1)(char *, size_t length); typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length); typedef CURLcode (*_curl_conv_callback3)(void *, size_t length); typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length); /* evaluates to true if expr is of type curl_seek_callback or "similar" */ #define _curl_is_seek_cb(expr) \ (_curl_is_NULL(expr) || \ __builtin_types_compatible_p(__typeof__(expr), curl_seek_callback) || \ _curl_callback_compatible((expr), _curl_seek_callback1) || \ _curl_callback_compatible((expr), _curl_seek_callback2)) typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int); typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int); #endif /* __CURL_TYPECHECK_GCC_H */ |
Added scriptlibs/softwareupdate/curl/lib/libcurl.a.
cannot compute difference between binary files
Added scriptlibs/softwareupdate/curl/lib/libcurldll.a.
cannot compute difference between binary files
Added scriptlibs/softwareupdate/curl/mk-ca-bundle.pl.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 | #!/usr/bin/perl -w # *************************************************************************** # * _ _ ____ _ # * Project ___| | | | _ \| | # * / __| | | | |_) | | # * | (__| |_| | _ <| |___ # * \___|\___/|_| \_\_____| # * # * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. # * # * This software is licensed as described in the file COPYING, which # * you should have received as part of this distribution. The terms # * are also available at https://curl.haxx.se/docs/copyright.html. # * # * You may opt to use, copy, modify, merge, publish, distribute and/or sell # * copies of the Software, and permit persons to whom the Software is # * furnished to do so, under the terms of the COPYING file. # * # * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY # * KIND, either express or implied. # * # *************************************************************************** # This Perl script creates a fresh ca-bundle.crt file for use with libcurl. # It downloads certdata.txt from Mozilla's source tree (see URL below), # then parses certdata.txt and extracts CA Root Certificates into PEM format. # These are then processed with the OpenSSL commandline tool to produce the # final ca-bundle.crt file. # The script is based on the parse-certs script written by Roland Krikava. # This Perl script works on almost any platform since its only external # dependency is the OpenSSL commandline tool for optional text listing. # Hacked by Guenter Knauf. # use Encode; use Getopt::Std; use MIME::Base64; use strict; use vars qw($opt_b $opt_d $opt_f $opt_h $opt_i $opt_k $opt_l $opt_m $opt_n $opt_p $opt_q $opt_s $opt_t $opt_u $opt_v $opt_w); use List::Util; use Text::Wrap; my $MOD_SHA = "Digest::SHA"; eval "require $MOD_SHA"; if ($@) { $MOD_SHA = "Digest::SHA::PurePerl"; eval "require $MOD_SHA"; } eval "require LWP::UserAgent"; my %urls = ( 'nss' => 'https://hg.mozilla.org/projects/nss/raw-file/tip/lib/ckfw/builtins/certdata.txt', 'central' => 'https://hg.mozilla.org/mozilla-central/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt', 'aurora' => 'https://hg.mozilla.org/releases/mozilla-aurora/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt', 'beta' => 'https://hg.mozilla.org/releases/mozilla-beta/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt', 'release' => 'https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt', ); $opt_d = 'release'; # If the OpenSSL commandline is not in search path you can configure it here! my $openssl = 'openssl'; my $version = '1.27'; $opt_w = 76; # default base64 encoded lines length # default cert types to include in the output (default is to include CAs which may issue SSL server certs) my $default_mozilla_trust_purposes = "SERVER_AUTH"; my $default_mozilla_trust_levels = "TRUSTED_DELEGATOR"; $opt_p = $default_mozilla_trust_purposes . ":" . $default_mozilla_trust_levels; my @valid_mozilla_trust_purposes = ( "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "KEY_CERT_SIGN", "CRL_SIGN", "SERVER_AUTH", "CLIENT_AUTH", "CODE_SIGNING", "EMAIL_PROTECTION", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "TIME_STAMPING", "STEP_UP_APPROVED" ); my @valid_mozilla_trust_levels = ( "TRUSTED_DELEGATOR", # CAs "NOT_TRUSTED", # Don't trust these certs. "MUST_VERIFY_TRUST", # This explicitly tells us that it ISN'T a CA but is otherwise ok. In other words, this should tell the app to ignore any other sources that claim this is a CA. "TRUSTED" # This cert is trusted, but only for itself and not for delegates (i.e. it is not a CA). ); my $default_signature_algorithms = $opt_s = "MD5"; my @valid_signature_algorithms = ( "MD5", "SHA1", "SHA256", "SHA384", "SHA512" ); $0 =~ s@.*(/|\\)@@; $Getopt::Std::STANDARD_HELP_VERSION = 1; getopts('bd:fhiklmnp:qs:tuvw:'); if(!defined($opt_d)) { # to make plain "-d" use not cause warnings, and actually still work $opt_d = 'release'; } # Use predefined URL or else custom URL specified on command line. my $url; if(defined($urls{$opt_d})) { $url = $urls{$opt_d}; if(!$opt_k && $url !~ /^https:\/\//i) { die "The URL for '$opt_d' is not HTTPS. Use -k to override (insecure).\n"; } } else { $url = $opt_d; } my $curl = `curl -V`; if ($opt_i) { print ("=" x 78 . "\n"); print "Script Version : $version\n"; print "Perl Version : $]\n"; print "Operating System Name : $^O\n"; print "Getopt::Std.pm Version : ${Getopt::Std::VERSION}\n"; print "MIME::Base64.pm Version : ${MIME::Base64::VERSION}\n"; print "LWP::UserAgent.pm Version : ${LWP::UserAgent::VERSION}\n" if($LWP::UserAgent::VERSION); print "LWP.pm Version : ${LWP::VERSION}\n" if($LWP::VERSION); print "Digest::SHA.pm Version : ${Digest::SHA::VERSION}\n" if ($Digest::SHA::VERSION); print "Digest::SHA::PurePerl.pm Version : ${Digest::SHA::PurePerl::VERSION}\n" if ($Digest::SHA::PurePerl::VERSION); print ("=" x 78 . "\n"); } sub warning_message() { if ( $opt_d =~ m/^risk$/i ) { # Long Form Warning and Exit print "Warning: Use of this script may pose some risk:\n"; print "\n"; print " 1) If you use HTTP URLs they are subject to a man in the middle attack\n"; print " 2) Default to 'release', but more recent updates may be found in other trees\n"; print " 3) certdata.txt file format may change, lag time to update this script\n"; print " 4) Generally unwise to blindly trust CAs without manual review & verification\n"; print " 5) Mozilla apps use additional security checks aren't represented in certdata\n"; print " 6) Use of this script will make a security engineer grind his teeth and\n"; print " swear at you. ;)\n"; exit; } else { # Short Form Warning print "Warning: Use of this script may pose some risk, -d risk for more details.\n"; } } sub HELP_MESSAGE() { print "Usage:\t${0} [-b] [-d<certdata>] [-f] [-i] [-k] [-l] [-n] [-p<purposes:levels>] [-q] [-s<algorithms>] [-t] [-u] [-v] [-w<l>] [<outputfile>]\n"; print "\t-b\tbackup an existing version of ca-bundle.crt\n"; print "\t-d\tspecify Mozilla tree to pull certdata.txt or custom URL\n"; print "\t\t Valid names are:\n"; print "\t\t ", join( ", ", map { ( $_ =~ m/$opt_d/ ) ? "$_ (default)" : "$_" } sort keys %urls ), "\n"; print "\t-f\tforce rebuild even if certdata.txt is current\n"; print "\t-i\tprint version info about used modules\n"; print "\t-k\tallow URLs other than HTTPS, enable HTTP fallback (insecure)\n"; print "\t-l\tprint license info about certdata.txt\n"; print "\t-m\tinclude meta data in output\n"; print "\t-n\tno download of certdata.txt (to use existing)\n"; print wrap("\t","\t\t", "-p\tlist of Mozilla trust purposes and levels for certificates to include in output. Takes the form of a comma separated list of purposes, a colon, and a comma separated list of levels. (default: $default_mozilla_trust_purposes:$default_mozilla_trust_levels)"), "\n"; print "\t\t Valid purposes are:\n"; print wrap("\t\t ","\t\t ", join( ", ", "ALL", @valid_mozilla_trust_purposes ) ), "\n"; print "\t\t Valid levels are:\n"; print wrap("\t\t ","\t\t ", join( ", ", "ALL", @valid_mozilla_trust_levels ) ), "\n"; print "\t-q\tbe really quiet (no progress output at all)\n"; print wrap("\t","\t\t", "-s\tcomma separated list of certificate signatures/hashes to output in plain text mode. (default: $default_signature_algorithms)\n"); print "\t\t Valid signature algorithms are:\n"; print wrap("\t\t ","\t\t ", join( ", ", "ALL", @valid_signature_algorithms ) ), "\n"; print "\t-t\tinclude plain text listing of certificates\n"; print "\t-u\tunlink (remove) certdata.txt after processing\n"; print "\t-v\tbe verbose and print out processed CAs\n"; print "\t-w <l>\twrap base64 output lines after <l> chars (default: ${opt_w})\n"; exit; } sub VERSION_MESSAGE() { print "${0} version ${version} running Perl ${]} on ${^O}\n"; } warning_message() unless ($opt_q || $url =~ m/^(ht|f)tps:/i ); HELP_MESSAGE() if ($opt_h); sub report($@) { my $output = shift; print STDERR $output . "\n" unless $opt_q; } sub is_in_list($@) { my $target = shift; return defined(List::Util::first { $target eq $_ } @_); } # Parses $param_string as a case insensitive comma separated list with optional whitespace # validates that only allowed parameters are supplied sub parse_csv_param($$@) { my $description = shift; my $param_string = shift; my @valid_values = @_; my @values = map { s/^\s+//; # strip leading spaces s/\s+$//; # strip trailing spaces uc $_ # return the modified string as upper case } split( ',', $param_string ); # Find all values which are not in the list of valid values or "ALL" my @invalid = grep { !is_in_list($_,"ALL",@valid_values) } @values; if ( scalar(@invalid) > 0 ) { # Tell the user which parameters were invalid and print the standard help message which will exit print "Error: Invalid ", $description, scalar(@invalid) == 1 ? ": " : "s: ", join( ", ", map { "\"$_\"" } @invalid ), "\n"; HELP_MESSAGE(); } @values = @valid_values if ( is_in_list("ALL",@values) ); return @values; } sub sha256 { my $result; if ($Digest::SHA::VERSION || $Digest::SHA::PurePerl::VERSION) { open(FILE, $_[0]) or die "Can't open '$_[0]': $!"; binmode(FILE); $result = $MOD_SHA->new(256)->addfile(*FILE)->hexdigest; close(FILE); } else { # Use OpenSSL command if Perl Digest::SHA modules not available $result = `"$openssl" dgst -r -sha256 "$_[0]"`; $result =~ s/^([0-9a-f]{64}) .+/$1/is; } return $result; } sub oldhash { my $hash = ""; open(C, "<$_[0]") || return 0; while(<C>) { chomp; if($_ =~ /^\#\# SHA256: (.*)/) { $hash = $1; last; } } close(C); return $hash; } if ( $opt_p !~ m/:/ ) { print "Error: Mozilla trust identifier list must include both purposes and levels\n"; HELP_MESSAGE(); } (my $included_mozilla_trust_purposes_string, my $included_mozilla_trust_levels_string) = split( ':', $opt_p ); my @included_mozilla_trust_purposes = parse_csv_param( "trust purpose", $included_mozilla_trust_purposes_string, @valid_mozilla_trust_purposes ); my @included_mozilla_trust_levels = parse_csv_param( "trust level", $included_mozilla_trust_levels_string, @valid_mozilla_trust_levels ); my @included_signature_algorithms = parse_csv_param( "signature algorithm", $opt_s, @valid_signature_algorithms ); sub should_output_cert(%) { my %trust_purposes_by_level = @_; foreach my $level (@included_mozilla_trust_levels) { # for each level we want to output, see if any of our desired purposes are included return 1 if ( defined( List::Util::first { is_in_list( $_, @included_mozilla_trust_purposes ) } @{$trust_purposes_by_level{$level}} ) ); } return 0; } my $crt = $ARGV[0] || 'ca-bundle.crt'; (my $txt = $url) =~ s@(.*/|\?.*)@@g; my $stdout = $crt eq '-'; my $resp; my $fetched; my $oldhash = oldhash($crt); report "SHA256 of old file: $oldhash"; if(!$opt_n) { report "Downloading $txt ..."; # If we have an HTTPS URL then use curl if($url =~ /^https:\/\//i) { if($curl) { if($curl =~ /^Protocols:.* https( |$)/m) { report "Get certdata with curl!"; my $proto = !$opt_k ? "--proto =https" : ""; my $quiet = $opt_q ? "-s" : ""; my @out = `curl -w %{response_code} $proto $quiet -o "$txt" "$url"`; if(@out && $out[0] == 200) { $fetched = 1; report "Downloaded $txt"; } else { report "Failed downloading via HTTPS with curl"; if(-e $txt && !unlink($txt)) { report "Failed to remove '$txt': $!"; } } } else { report "curl lacks https support"; } } else { report "curl not found"; } } # If nothing was fetched then use LWP if(!$fetched) { if($url =~ /^https:\/\//i) { report "Falling back to HTTP"; $url =~ s/^https:\/\//http:\/\//i; } if(!$opt_k) { report "URLs other than HTTPS are disabled by default, to enable use -k"; exit 1; } report "Get certdata with LWP!"; if(!defined(${LWP::UserAgent::VERSION})) { report "LWP is not available (LWP::UserAgent not found)"; exit 1; } my $ua = new LWP::UserAgent(agent => "$0/$version"); $ua->env_proxy(); $resp = $ua->mirror($url, $txt); if($resp && $resp->code eq '304') { report "Not modified"; exit 0 if -e $crt && !$opt_f; } else { $fetched = 1; report "Downloaded $txt"; } if(!$resp || $resp->code !~ /^(?:200|304)$/) { report "Unable to download latest data: " . ($resp? $resp->code . ' - ' . $resp->message : "LWP failed"); exit 1 if -e $crt || ! -r $txt; } } } my $filedate = $resp ? $resp->last_modified : (stat($txt))[9]; my $datesrc = "as of"; if(!$filedate) { # mxr.mozilla.org gave us a time, hg.mozilla.org does not! $filedate = time(); $datesrc="downloaded on"; } # get the hash from the download file my $newhash= sha256($txt); if(!$opt_f && $oldhash eq $newhash) { report "Downloaded file identical to previous run\'s source file. Exiting"; exit; } report "SHA256 of new file: $newhash"; my $currentdate = scalar gmtime($filedate); my $format = $opt_t ? "plain text and " : ""; if( $stdout ) { open(CRT, '> -') or die "Couldn't open STDOUT: $!\n"; } else { open(CRT,">$crt.~") or die "Couldn't open $crt.~: $!\n"; } print CRT <<EOT; ## ## Bundle of CA Root Certificates ## ## Certificate data from Mozilla ${datesrc}: ${currentdate} GMT ## ## This is a bundle of X.509 certificates of public Certificate Authorities ## (CA). These were automatically extracted from Mozilla's root certificates ## file (certdata.txt). This file can be found in the mozilla source tree: ## ${url} ## ## It contains the certificates in ${format}PEM format and therefore ## can be directly used with curl / libcurl / php_curl, or with ## an Apache+mod_ssl webserver for SSL client authentication. ## Just configure this file as the SSLCACertificateFile. ## ## Conversion done with mk-ca-bundle.pl version $version. ## SHA256: $newhash ## EOT report "Processing '$txt' ..."; my $caname; my $certnum = 0; my $skipnum = 0; my $start_of_cert = 0; my @precert; open(TXT,"$txt") or die "Couldn't open $txt: $!\n"; while (<TXT>) { if (/\*\*\*\*\* BEGIN LICENSE BLOCK \*\*\*\*\*/) { print CRT; print if ($opt_l); while (<TXT>) { print CRT; print if ($opt_l); last if (/\*\*\*\*\* END LICENSE BLOCK \*\*\*\*\*/); } } elsif(/^# (Issuer|Serial Number|Subject|Not Valid Before|Not Valid After |Fingerprint \(MD5\)|Fingerprint \(SHA1\)):/) { push @precert, $_; next; } elsif(/^#|^\s*$/) { undef @precert; next; } chomp; # this is a match for the start of a certificate if (/^CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE/) { $start_of_cert = 1 } if ($start_of_cert && /^CKA_LABEL UTF8 \"(.*)\"/) { $caname = $1; } my %trust_purposes_by_level; if ($start_of_cert && /^CKA_VALUE MULTILINE_OCTAL/) { my $data; while (<TXT>) { last if (/^END/); chomp; my @octets = split(/\\/); shift @octets; for (@octets) { $data .= chr(oct); } } # scan forwards until the trust part while (<TXT>) { last if (/^CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST/); chomp; } # now scan the trust part to determine how we should trust this cert while (<TXT>) { last if (/^#/); if (/^CKA_TRUST_([A-Z_]+)\s+CK_TRUST\s+CKT_NSS_([A-Z_]+)\s*$/) { if ( !is_in_list($1,@valid_mozilla_trust_purposes) ) { report "Warning: Unrecognized trust purpose for cert: $caname. Trust purpose: $1. Trust Level: $2"; } elsif ( !is_in_list($2,@valid_mozilla_trust_levels) ) { report "Warning: Unrecognized trust level for cert: $caname. Trust purpose: $1. Trust Level: $2"; } else { push @{$trust_purposes_by_level{$2}}, $1; } } } if ( !should_output_cert(%trust_purposes_by_level) ) { $skipnum ++; } else { my $encoded = MIME::Base64::encode_base64($data, ''); $encoded =~ s/(.{1,${opt_w}})/$1\n/g; my $pem = "-----BEGIN CERTIFICATE-----\n" . $encoded . "-----END CERTIFICATE-----\n"; print CRT "\n$caname\n"; print CRT @precert if($opt_m); my $maxStringLength = length(decode('UTF-8', $caname, Encode::FB_CROAK)); if ($opt_t) { foreach my $key (keys %trust_purposes_by_level) { my $string = $key . ": " . join(", ", @{$trust_purposes_by_level{$key}}); $maxStringLength = List::Util::max( length($string), $maxStringLength ); print CRT $string . "\n"; } } print CRT ("=" x $maxStringLength . "\n"); if (!$opt_t) { print CRT $pem; } else { my $pipe = ""; foreach my $hash (@included_signature_algorithms) { $pipe = "|$openssl x509 -" . $hash . " -fingerprint -noout -inform PEM"; if (!$stdout) { $pipe .= " >> $crt.~"; close(CRT) or die "Couldn't close $crt.~: $!"; } open(TMP, $pipe) or die "Couldn't open openssl pipe: $!"; print TMP $pem; close(TMP) or die "Couldn't close openssl pipe: $!"; if (!$stdout) { open(CRT, ">>$crt.~") or die "Couldn't open $crt.~: $!"; } } $pipe = "|$openssl x509 -text -inform PEM"; if (!$stdout) { $pipe .= " >> $crt.~"; close(CRT) or die "Couldn't close $crt.~: $!"; } open(TMP, $pipe) or die "Couldn't open openssl pipe: $!"; print TMP $pem; close(TMP) or die "Couldn't close openssl pipe: $!"; if (!$stdout) { open(CRT, ">>$crt.~") or die "Couldn't open $crt.~: $!"; } } report "Parsing: $caname" if ($opt_v); $certnum ++; $start_of_cert = 0; } undef @precert; } } close(TXT) or die "Couldn't close $txt: $!\n"; close(CRT) or die "Couldn't close $crt.~: $!\n"; unless( $stdout ) { if ($opt_b && -e $crt) { my $bk = 1; while (-e "$crt.~${bk}~") { $bk++; } rename $crt, "$crt.~${bk}~" or die "Failed to create backup $crt.~$bk}~: $!\n"; } elsif( -e $crt ) { unlink( $crt ) or die "Failed to remove $crt: $!\n"; } rename "$crt.~", $crt or die "Failed to rename $crt.~ to $crt: $!\n"; } if($opt_u && -e $txt && !unlink($txt)) { report "Failed to remove $txt: $!\n"; } report "Done ($certnum CA certs processed, $skipnum skipped)."; |
Changes to scriptlibs/softwareupdate/pkgIndex.tcl.
1 2 3 4 5 6 7 8 9 10 | # Tcl package index file, version 1.1 # This file is generated by the "pkg_mkIndex" command # and sourced either when an application starts up or # by a "package unknown" script. It invokes the # "package ifneeded" command to set up package-related # information so that packages will be loaded automatically # in response to "package require" commands. When this # script is sourced, the variable $dir must contain the # full path name of this file's directory. | | | 1 2 3 4 5 6 7 8 9 10 11 | # Tcl package index file, version 1.1 # This file is generated by the "pkg_mkIndex" command # and sourced either when an application starts up or # by a "package unknown" script. It invokes the # "package ifneeded" command to set up package-related # information so that packages will be loaded automatically # in response to "package require" commands. When this # script is sourced, the variable $dir must contain the # full path name of this file's directory. package ifneeded softwareupdate 1.6 [list source [file join $dir softwareupdate.tcl]] |
Changes to scriptlibs/softwareupdate/softwareupdate.tcl.
1 2 3 4 5 6 | #softwareupdate.tcl routines to manage spoftware updates # Copyright (C) 2014 WordTech Communications LLC #MIT license | < < < < | > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 | #softwareupdate.tcl routines to manage spoftware updates # Copyright (C) 2014 WordTech Communications LLC #MIT license package provide softwareupdate 1.6 namespace eval softwareupdate { if {![info exists library]} { variable library [file dirname [info script]] } variable icon variable appname variable tmpdir variable currentinstall variable versionnumber variable getupdate switch [tk windowingsystem] { "aqua" { set tmpdir $::env(TMPDIR) set getupdate /usr/bin/curl } "win32" { set tmpdir $::env(TMP) set getupdate [file join [file dirname [info script]] curl bin curl.exe] } "x11" { set tmpdir $::env(TMP) } } |
︙ | ︙ | |||
56 57 58 59 60 61 62 63 64 65 66 67 68 | #check version of installed software proc checkVersion {app version} { variable appversion variable appname variable currentversion variable versionnumber set appname $app softwareupdate::checkingForUpdates set versionurl https://www.codebykevin.com/$appname-version.tcl | > | | | | 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 | #check version of installed software proc checkVersion {app version} { variable appversion variable appname variable currentversion variable versionnumber variable getupdate set appname $app softwareupdate::checkingForUpdates set versionurl https://www.codebykevin.com/$appname-version.tcl if [catch {exec $getupdate $versionurl} msg] { puts "error: $msg" tk_messageBox -icon warning -title "Unable to Connect to Server" -message "Unable to Connect to Server" -detail "Unable to connect to www.codebykevin.com to check for updates. Please make sure you are connected to the Internet." -parent . catch {destroy .updateprogress} return } set versionnumber [string trim exec $getupdate $versionurl] if [expr $currentversion < $versionnumber] { softwareupdate::updatePitch } else { softwareupdate::upToDate } } |
︙ | ︙ | |||
123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 | #prompt user to update proc updatePitch {} { variable appname variable icon variable changedata variable currentversion variable versionnumber catch {destroy .updateprogress} catch {destroy .update} variable appname set changeurl https://www.codebykevin.com/$appname-changes.tcl | > | | | 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 | #prompt user to update proc updatePitch {} { variable appname variable icon variable changedata variable currentversion variable versionnumber variable getupdate catch {destroy .updateprogress} catch {destroy .update} variable appname set changeurl https://www.codebykevin.com/$appname-changes.tcl if [catch {exec $getupdate $changeurl} msg] { puts "error: $msg" tk_messageBox -icon warning -title "Unable to Connect to Server" -message "Unable to Connect to Server" -detail "Unable to connect to www.codebykevin.com to check for updates. Please make sure you are connected to the Internet." -parent . catch {destroy .updateprogress} return } set changelist [exec $getupdate $changeurl] set updateanswer [tk_messageBox -title "Update" -icon info -message "Update Available" -detail "A new version ($softwareupdate::versionnumber) of $appname is available.\n\nThis new version features the following updates and changes:\n\n$changelist\n\nWould you like to install it? " -type yesno -parent .] switch -- $updateanswer { yes { softwareupdate::installUpdate } no { |
︙ | ︙ | |||
261 262 263 264 265 266 267 | #download and install the update proc installUpdate {} { variable currentinstall variable status variable appname variable tmpdir | > | | | | 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 | #download and install the update proc installUpdate {} { variable currentinstall variable status variable appname variable tmpdir variable getupdate catch {destroy .update} softwareupdate::findCurrentInstallation softwareupdate::progressDialog set status "Downloading update for $appname" switch [tk windowingsystem] { "aqua" { exec $getupdate https://www.codebykevin.com/updates/[list $appname].dmg > $tmpdir/[list $appname].dmg update after 1000 cd $tmpdir set status "Attaching [list $appname].dmg" update exec hdiutil attach [list $appname].dmg } "win32" { exec $getupdate https://www.codebykevin.com/updates/[list $appname]_Setup.exe > $tmpdir/[list $appname]_Setup.exe } "x11" { tk_messageBox -icon info -parent . -message "Please ask the maintainer of $appname on your platform to prepare a release of the latest version." return } |
︙ | ︙ |
Deleted winlibs/tls/pkgIndex.tcl.
|
| < < < < < < < |
Deleted winlibs/tls/tls.tcl.
|
| < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < |
Deleted winlibs/tls/tls163_32bit.dll.
cannot compute difference between binary files
Deleted winlibs/tls/tls163_64bit.dll.
cannot compute difference between binary files