| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Using RC4 is not a _certificate_ problem, it's a cipher problem. The
SSL implementation should and will fail with an unrecoverable error
(-1). There's no opportunity to accept/continue.
|
| |
|
|
|
|
| |
This used to fail with an error indicating a mis-use of OpenSSL on platforms
using it due to poor error handling. Re-enable it even if this isn't the right
error code to use for now.
|
| | |
|
| |
|
|
|
| |
None of our crypto backends actually reject RC4 as a cipher so don't
test for it and instead keep it as something we'd like to do.
|
| |
|
|
|
| |
We must make sure that we're getting a certificate error from the
library so we know that we're testing the right thing.
|
| |
|
|
|
|
| |
Make sure that the callbacks do also get a 'valid' value of zero when
the certificate we're looking at is in valid and assert that within the
test.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This ensures that when using OpenSSL a safe default set of ciphers
is selected. This is done so that the client communicates securely
and we don't accidentally enable unsafe ciphers like RC4, or even
worse some old export ciphers.
Implements the first part of https://github.com/libgit2/libgit2/issues/3682
|
| |
|
|
|
| |
If none of GIT_OPENSSL, GIT_WINHTTP or GIT_SECURE_TRANSPORT
is defined we should also be able to build the unit test.
|
|
|
These provide bad X.509 certificates, which we should refuse to connect
to by default.
|
