aboutsummaryrefslogtreecommitdiff
path: root/lib/x509asn1.c
AgeCommit message (Collapse)Author
2015-12-15x509asn1: Fix host altname verificationJay Satiro
- In Curl_verifyhost check all altnames in the certificate. Prior to this change only the first altname was checked. Only the GSKit SSL backend was affected by this bug. Bug: http://curl.haxx.se/mail/lib-2015-12/0062.html Reported-by: John Kohl
2015-11-24Revert "cleanup: general removal of TODO (and similar) comments"Daniel Stenberg
This reverts commit 64e959ffe37c436503f9fed1ce2d6ee6ae50bd9a. Feedback-by: Dan Fandrich URL: http://curl.haxx.se/mail/lib-2015-11/0062.html
2015-11-13cleanup: general removal of TODO (and similar) commentsDaniel Stenberg
They tend to never get updated anyway so they're frequently inaccurate and we never go back to revisit them anyway. We document issues to work on properly in KNOWN_BUGS and TODO instead.
2015-04-22cyassl: Implement public key pinningJay Satiro
Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-06x509asn1: Silence x64 loss-of-data warning on RSA key length assignmentJay Satiro
The key length in bits will always fit in an unsigned long so the loss-of-data warning assigning the result of x64 pointer arithmetic to an unsigned long is unnecessary.
2015-03-21x509asn1: add /* fallthrough */ in switch() caseDaniel Stenberg
2015-03-21x509asn1: minor edit to unconfuse CoverityDaniel Stenberg
CID 1202732 warns on the previous use, although I cannot fine any problems with it. I'm doing this change only to make the code use a more familiar approach to accomplish the same thing.
2015-03-20gtls: implement CURLOPT_CERTINFOAlessandro Ghedini
2015-03-16Bug #149: Deletion of unnecessary checks before calls of the function "free"Markus Elfring
The function "free" is documented in the way that no action shall occur for a passed null pointer. It is therefore not needed that a function caller repeats a corresponding check. http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first This issue was fixed by using the software Coccinelle 1.0.0-rc24. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2015-03-03mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg
... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
2014-10-24code cleanup: we prefer 'CURLcode result'Daniel Stenberg
... for the local variable name in functions holding the return code. Using the same name universally makes code easier to read and follow. Also, unify code for checking for CURLcode errors with: if(result) or if(!result) instead of if(result == CURLE_OK), if(CURLE_OK == result) or if(result != CURLE_OK)
2014-10-14Implement pinned public key in GSKit backendPatrick Monnerat
2014-10-13vtls: remove QsoSSLPatrick Monnerat
2014-03-03x509asn: moved out Curl_verifyhost from NSS buildsDaniel Stenberg
... as it isn't used then!
2013-12-26vtls: Fixed up include of vtls.hSteve Holme
2013-11-03x509asn1.c: Fixed compilation warningsSteve Holme
warning: declaration of 'chsize' shadows a global declaration
2013-10-30NSS: support for CERTINFO featurePatrick Monnerat
2013-07-15OS400: new SSL backend GSKitPatrick Monnerat
2013-07-15x509asn1.c,x509asn1.h: new module to support ASN.1/X509 parsing & info extractPatrick Monnerat
Use from qssl backend