#
b8aadcd2 |
|
19-Apr-2020 |
Augustin Cavalier <waddlesplash@gmail.com> |
libnetapi: Adapt to OpenSSL 1.1 API changes. Surprisingly easy: X509 was made opaque, and SSL_CTX_set_ecdh_auto was removed (it is now the default internally.)
|
#
4849ab6c |
|
09-Nov-2015 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
BHttpRequest: add SSL certificate exception management. When an HTTPS request uses an SSL certificate that OpenSSL considers untrusted, and the user decides to continue anyway, add the certificate to an exception list. Match certificates against this list and don't ask the user again if they are already there. Fixes #12004. Thanks to markh for the initial patch and peeking into the WebKit code!
|
#
f26dbfe7 |
|
08-Nov-2015 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
BCertificate: build fix.
|
#
6c32f50a |
|
08-Nov-2015 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
BCertificate: fixup the API * Add an operator== and a copy constructor * Make the getters const so they are easier to use
|
#
c86ad7f9 |
|
04-Nov-2014 |
Adrien Destugues <pulkomandy@gmail.com> |
Add more features in BCertificate class * Make it possible to extract more useful data from the certificate * Also get the OpenSSL error message when a certificate can't be validated. Send it to the verification failure callback so it can be shown to the user.
|
#
3b657701 |
|
04-Nov-2014 |
Adrien Destugues <pulkomandy@gmail.com> |
BCertificate: fix parsing of date and name.
|
#
76b3c7f4 |
|
17-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
More noSSL build fixes.
|
#
67af469e |
|
16-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
Fix time_t/bigtime_t mixup. Thanks stippi for noticing!
|
#
385a7d89 |
|
16-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
More style fixes.
|
#
159d1fb6 |
|
15-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
Style fixes, build fix with OpenSSL disabled.
|
#
5ebdc799 |
|
15-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
SecureSocket: add some certificate support * Instead of creating an OpenSSL context ofor each socket, use a global one and initialize it lazily when the first SecureSocket is created * Load the certificates from our certificate list so SSL certificates sent by servers can be validated. * Add a callback for signalling that certificate validation failed, the default implementation proceeds with the connection anyway (to keep the old behavior). * Introduce BCertificate class, that provides some information about a certificate. Currently it's only used by the callback mentionned above, but it will be possible to get the leaf certificate for the connection after it's established. Review of the API and implementation is welcome, before I start making use of this in HttpRequest and WebKit to allow the user to accept new certificates.
|
#
c86ad7f93b8836113d6e40aa7972614ddbaf7e16 |
|
04-Nov-2014 |
Adrien Destugues <pulkomandy@gmail.com> |
Add more features in BCertificate class * Make it possible to extract more useful data from the certificate * Also get the OpenSSL error message when a certificate can't be validated. Send it to the verification failure callback so it can be shown to the user.
|
#
3b657701dbc14f1adda779fd688675ad321e8ff1 |
|
04-Nov-2014 |
Adrien Destugues <pulkomandy@gmail.com> |
BCertificate: fix parsing of date and name.
|
#
76b3c7f4205dc12e144bc30fd643d9fad9e1bd31 |
|
17-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
More noSSL build fixes.
|
#
67af469ef049e6a66a9a8512c8a7479f6b66712a |
|
16-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
Fix time_t/bigtime_t mixup. Thanks stippi for noticing!
|
#
385a7d89b7be5f3a5fed82084e70e4f06e25b8cb |
|
16-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
More style fixes.
|
#
159d1fb69a57dfe50cafdbc9af1b9e99548e24f7 |
|
15-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
Style fixes, build fix with OpenSSL disabled.
|
#
5ebdc79955caf4781dfffd14b57849ce40df2117 |
|
15-Jan-2014 |
Adrien Destugues <pulkomandy@pulkomandy.tk> |
SecureSocket: add some certificate support * Instead of creating an OpenSSL context ofor each socket, use a global one and initialize it lazily when the first SecureSocket is created * Load the certificates from our certificate list so SSL certificates sent by servers can be validated. * Add a callback for signalling that certificate validation failed, the default implementation proceeds with the connection anyway (to keep the old behavior). * Introduce BCertificate class, that provides some information about a certificate. Currently it's only used by the callback mentionned above, but it will be possible to get the leaf certificate for the connection after it's established. Review of the API and implementation is welcome, before I start making use of this in HttpRequest and WebKit to allow the user to accept new certificates.
|