delta/curl.git/lib/mk-ca-bundle.pl, branch bagder/https-proxyu-req-http github.com: bagder/curl.git lib/mk-ca-bundle: skip empty certs 2020-04-22T20:55:08+00:00 Daniel Stenberg daniel@haxx.se 2020-04-22T06:13:23+00:00 bffa1165357a5964c44794c253019375c2a80250 Reviewed-by: Emil Engler Reported-by: Ashwin Metpalli Fixes #5278 Closes #5280 
Reviewed-by: Emil Engler
Reported-by: Ashwin Metpalli
Fixes #5278
Closes #5280
mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER 2020-01-22T09:41:31+00:00 Daniel Stenberg daniel@haxx.se 2020-01-20T21:23:44+00:00 1ebc53df251819086859f27f22ccfb66ddd58364 For now, no cert in the bundle actually sets a date there... Co-Authored-by: Jay Satiro Reported-by: Christian Heimes Fixes #4834 Closes #4836 
For now, no cert in the bundle actually sets a date there...

Co-Authored-by: Jay Satiro
Reported-by: Christian Heimes
Fixes #4834
Closes #4836
mk-ca-bundle.pl: make -u delete certdata.txt if found not changed 2018-06-13T22:02:20+00:00 Matteo Bignotti gugoll@gmail.com 2018-06-13T20:45:23+00:00 47762f55839268213cc79708b51edd7cbef2893a certdata.txt should be deleted also when the process is interrupted by "same certificate downloaded, exiting" The certdata.txt is currently kept on disk even if you give the -u option Closes #2655 
certdata.txt should be deleted also when the process is interrupted by
"same certificate downloaded, exiting"

The certdata.txt is currently kept on disk even if you give the -u
option

Closes #2655
mk-ca-bundle.pl: leave certificate name untouched in decode() 2018-06-08T07:37:56+00:00 Vladimir Kotal vlada@devnull.cz 2018-06-07T08:44:30+00:00 9ff67f7b00f16da9f9f3377b6b8f5859dd9cd2cb Closes #2640 
Closes #2640
scripts: allow all perl scripts to be run directly 2018-01-07T20:42:11+00:00 Jay Satiro raysatiro@yahoo.com 2018-01-07T06:34:46+00:00 d4e40f0690befff7e4668f69850674f29a0c453b - Enable execute permission (chmod +x) - Change interpreter to /usr/bin/env perl Closes https://github.com/curl/curl/pull/2222 
- Enable execute permission (chmod +x)

- Change interpreter to /usr/bin/env perl

Closes https://github.com/curl/curl/pull/2222
mk-ca-bundle: Remove URL for aurora 2017-10-22T21:38:31+00:00 Jon DeVree nuxi@vault24.org 2017-10-19T15:54:04+00:00 fdd879d549e77fdcf913e5d4a5c5823e70759807 Aurora is no longer used by Mozilla https://hacks.mozilla.org/2017/04/simplifying-firefox-release-channels/ 
Aurora is no longer used by Mozilla
https://hacks.mozilla.org/2017/04/simplifying-firefox-release-channels/
mk-ca-bundle: Fix URL for NSS 2017-10-22T21:38:23+00:00 Jon DeVree nuxi@vault24.org 2017-10-19T12:40:54+00:00 f571651a0dff54863cc08758513726156f9a26e2 The 'tip' is the most recent branch committed to, this should be 'default' like the URLs for the browser are. Closes #1998 
The 'tip' is the most recent branch committed to, this should be
'default' like the URLs for the browser are.

Closes #1998
mk-ca-bundle.pl: Check curl's exit code after certdata download 2017-06-16T05:58:23+00:00 Jay Satiro raysatiro@yahoo.com 2017-06-16T05:58:23+00:00 ec92afc3f4b2ecdd26b01b6a59e8fbddd5783e67 - No longer allow partial downloads of certdata. Prior to this change partial downloads were (erroneously?) allowed since only the server code was checked to be 200. Bug: https://github.com/curl/curl/pull/1577 Reported-by: Matteo B. 
- No longer allow partial downloads of certdata.

Prior to this change partial downloads were (erroneously?) allowed since
only the server code was checked to be 200.

Bug: https://github.com/curl/curl/pull/1577
Reported-by: Matteo B.
mk-ca-bundle.vbs: Fix UTF-8 output 2016-10-30T05:01:29+00:00 Jay Satiro raysatiro@yahoo.com 2016-10-30T05:01:29+00:00 2e750ce452c37ec4cd494538d2f3c94acde3e718 - Change initial message box to mention delay when downloading/parsing. Since there is no progress meter it was somewhat unexpected that after choosing a filename nothing appears to happen, when actually the cert data is in the process of being downloaded and parsed. - Warn if OpenSSL is not present. - Use a UTF-8 stream to make the ca-bundle data. - Save the UTF-8 ca-bundle stream as binary so that no BOM is added. --- This is a follow-up to d2c6d15 which switched mk-ca-bundle.vbs output to ANSI due to corrupt UTF-8 output, now fixed. This change completes making the default certificate bundle output of mk-ca-bundle.vbs as close as possible to that of mk-ca-bundle.pl, which should make it easier to review any difference between their output. Ref: https://github.com/curl/curl/pull/1012 
- Change initial message box to mention delay when downloading/parsing.

Since there is no progress meter it was somewhat unexpected that after
choosing a filename nothing appears to happen, when actually the cert
data is in the process of being downloaded and parsed.

- Warn if OpenSSL is not present.

- Use a UTF-8 stream to make the ca-bundle data.

- Save the UTF-8 ca-bundle stream as binary so that no BOM is added.

---

This is a follow-up to d2c6d15 which switched mk-ca-bundle.vbs output to
ANSI due to corrupt UTF-8 output, now fixed.

This change completes making the default certificate bundle output of
mk-ca-bundle.vbs as close as possible to that of mk-ca-bundle.pl, which
should make it easier to review any difference between their output.

Ref: https://github.com/curl/curl/pull/1012
mk-ca-bundle: Update the vbscript version 2016-10-25T07:17:26+00:00 Jay Satiro raysatiro@yahoo.com 2016-10-25T07:17:26+00:00 d2c6d1568e85b97cf3a74437709c52885da6aab8 Bring the VBScript version more in line with the perl version: - Change timestamp to UTC. - Change URL retrieval to HTTPS-only by default. - Comment out the options that disabled SSL cert checking by default. - Assume OpenSSL is present, get SHA256. And add a flag to toggle it. - Fix cert issuer name output. The cert issuer output is now ansi, converted from UTF-8. Prior to this it was corrupt UTF-8. It turns out though we can work with UTF-8 the FSO object that writes ca-bundle can't write UTF-8, so there will have to be some alternative if UTF-8 is needed (like an ADODB.Stream). - Disable the certificate text info feature. The certificate text info doesn't work properly with any recent OpenSSL. 
Bring the VBScript version more in line with the perl version:

- Change timestamp to UTC.

- Change URL retrieval to HTTPS-only by default.

- Comment out the options that disabled SSL cert checking by default.

- Assume OpenSSL is present, get SHA256. And add a flag to toggle it.

- Fix cert issuer name output.

The cert issuer output is now ansi, converted from UTF-8. Prior to this
it was corrupt UTF-8. It turns out though we can work with UTF-8 the
FSO object that writes ca-bundle can't write UTF-8, so there will have
to be some alternative if UTF-8 is needed (like an ADODB.Stream).

- Disable the certificate text info feature.

The certificate text info doesn't work properly with any recent OpenSSL.