curl/lib/vtls
Viktor Szakats 3a305831d1
mbedtls: add support for 4.0.0
After this patch libcurl requires (as already documented)
the `curl_global_init()` call when using the `curl_formadd()` API with
mbedTLS.

Note: NTLM is not supported with mbedTLS 4+, because it lacks
the necessary crypto primitive: DES.

Also:
- lib: de-dupe mbedTLS minimum version checks into `curl_setup.h`.
- lib: initialize PSA Crypto as part of `curl_global_init()`.
  For MD5, SHA-256, `curl_formadd()`, and MultiSSL builds with mbedTLS
  but where mbedTLS isn't the default backend.
- lib1308: fix to call `curl_global_init()` (for the Form API).
- curl_ntlm_core: disable with mbedTLS 4+.
- md4: disable mbedTLS implementation when building against 4.x.
- md5: use mbedTLS PSA Crypto API when available, otherwise use
  the default local implementation.
- sha256: use mbedTLS PSA Crypto API when available, otherwise use
  the default local implementation.
- vtls/mbedtls: drop PSA Crypto initialization in favor of
  `curl_global_init()`.
- vtls/mbedtls: use PSA Crypto random API with all mbedTLS versions.
- vtls/mbedtls: do the same for the SHA-256 callback.
- autotools: detect mbedTLS 4+, and disable NTLM for 3.x.
- cmake: disable NTLM for mbedTLS 3.x.
- GHA/linux: keep building mbedTLS 3.x manually and use it in
  an existing job, while also enabling pytest in it.
- GHA/linux: bump to mbedTLS 4.0.0.
  Closes #19075
  Closes #19074

Refs:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-4.0.0
https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-4.0.0/docs/4.0-migration-guide.md
https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-4.0.0/tf-psa-crypto/docs/1.0-migration-guide.md [404]
https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/tf-psa-crypto-1.0.0/docs/1.0-migration-guide.md
https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/tf-psa-crypto-1.0.0/docs/psa-transition.md
627f727bbe/docs/4.0-migration-guide

Closes #19077
2025-10-17 11:50:48 +02:00
apple.c apple sectrust: add to features 2025-10-16 10:58:45 +02:00
apple.h apple sectrust: add to features 2025-10-16 10:58:45 +02:00
cipher_suite.c lib: stop overriding system printf symbols 2025-10-06 20:57:59 +02:00
cipher_suite.h TLS: remove support for Secure Transport and BearSSL 2025-06-11 07:54:19 +02:00
gtls.c gnutls: check conversion of peer cert chain 2025-10-10 23:41:31 +02:00
gtls.h ssl: support Apple SecTrust configurations 2025-10-03 12:02:23 +02:00
hostcheck.c tidy-up: more whitespace/indent, comments 2025-07-25 11:47:51 +02:00
hostcheck.h openssl: some small cleanups 2025-07-18 00:40:26 +02:00
keylog.c build: avoid overriding system symbols for fopen functions 2025-09-30 01:10:36 +02:00
keylog.h spelling: 'a' vs 'an' 2025-05-30 11:38:35 +02:00
mbedtls.c mbedtls: add support for 4.0.0 2025-10-17 11:50:48 +02:00
mbedtls.h lib: include files using known path 2025-04-08 17:00:00 +02:00
mbedtls_threadlock.c lib: stop overriding system printf symbols 2025-10-06 20:57:59 +02:00
mbedtls_threadlock.h lib: include files using known path 2025-04-08 17:00:00 +02:00
openssl.c openssl: add comments regarding OCSP verification 2025-10-09 14:44:28 +02:00
openssl.h ssl: support Apple SecTrust configurations 2025-10-03 12:02:23 +02:00
rustls.c rustls: pass the correct result to rustls_failf 2025-10-09 14:43:14 +02:00
rustls.h lib: include files using known path 2025-04-08 17:00:00 +02:00
schannel.c lib: stop overriding system printf symbols 2025-10-06 20:57:59 +02:00
schannel.h openssl: BoringSSL / AWS-LC tidy-ups 2025-08-24 00:30:06 +02:00
schannel_int.h windows: stop passing unused, optional argument for Win9x compatibility 2025-09-20 02:27:07 +02:00
schannel_verify.c schannel_verify: fix mem-leak in Curl_verify_host 2025-10-09 21:55:28 +02:00
vtls.c apple sectrust: add to features 2025-10-16 10:58:45 +02:00
vtls.h tidy-up: whitespace 2025-07-11 13:32:54 +02:00
vtls_int.h vtls_int.h: clarify data_pending 2025-09-21 09:43:28 +02:00
vtls_scache.c lib: stop overriding system printf symbols 2025-10-06 20:57:59 +02:00
vtls_scache.h lib: replace scache no-op macros with #ifdef 2025-06-27 17:33:34 +02:00
vtls_spack.c build: fix build errors/warnings in rare configurations 2025-07-23 22:17:03 +02:00
vtls_spack.h build: fix build errors/warnings in rare configurations 2025-07-23 22:17:03 +02:00
wolfssl.c wolfssl: no double get_error() detail 2025-10-08 23:15:07 +02:00
wolfssl.h GHA/checksrc: expand spellcheck, fix issues found 2025-07-21 16:09:01 +02:00
x509asn1.c lib: stop overriding system printf symbols 2025-10-06 20:57:59 +02:00
x509asn1.h build: address some -Weverything warnings, update picky warnings 2025-09-20 10:16:15 +02:00