delta/curl.git - github.com: bagder/curl.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	tests/certs: rebuild certificates with modified key usage bits	Dan Fandrich	2015-03-21	39	-655/+640
\| \| \| \| \| \| \| \|	The certificates were missing the digitalSignature and keyAgreement usage types, of which at least digitalSignature was checked by CyaSSL. This caused the test server in test 310 (among others) to fail the startup verification and therefore run (see http://curl.haxx.se/mail/lib-2014-07/0303.html).
*	tests/certs: added make target to rebuild certificates	Dan Fandrich	2015-03-21	3	-13/+34
\| \| \| \| \|	The certificate generation scripts were also updated to better match the format of the certificates currently checked in.
*	SSL: Add PEM format support for public key pinning	moparisthebest	2014-11-24	5	-1/+28
\|
*	SSL: implement public key pinning	moparisthebest	2014-10-07	4	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \|	Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null \| \ sed -n '/-----BEGIN/,/-----END/p' \| openssl x509 -noout -pubkey \ \| openssl rsa -pubin -outform DER > google.com.der
*	commit bc682cbd follow-up	Yang Tse	2013-01-15	2	-0/+2
\|
*	tests/Makefile.am: remove wildcard usage in EXTRA_DIST	Yang Tse	2013-01-15	2	-0/+93
\|
*	TLS-SRP: support added when using GnuTLS	Quinn Slack	2011-01-19	2	-0/+5
\|
*	tests/certs: re-generated because of lost pass-phrase	Kamil Dudka	2010-05-27	23	-499/+535
\|
*	tests/certs/scripts: generate also CRL	Kamil Dudka	2010-05-27	3	-7/+27
\| \| \| \|	... and make it possible to do so without any user interaction
*	removed trailing whitespace	Yang Tse	2010-02-14	2	-11/+11
\|
*	- Added Diffie-Hellman parameters to several test harness certificate files in	Yang Tse	2009-11-28	6	-0/+30
\| \| \| \|	PEM format. Required by several stunnel versions used by our test harness.
*	- Peter Sylvester made the HTTPS test server use specific certificates for	Daniel Stenberg	2009-08-11	31	-0/+1165
	each test, so that the test suite can now be used to actually test the verification of cert names etc. This made an error show up in the OpenSSL- specific code where it would attempt to match the CN field even if a subjectAltName exists that doesn't match. This is now fixed and verified in test 311.