|
Revision tags: release-2.2.1-alpha, release-2.1.12-stable |
|
| #
e35e02e6 |
| 08-Oct-2019 |
yuangongji <[email protected]> |
sample/https-client: link crypt32 explicitly when build with mingw-w64
(cherry picked from commit 78b5bca6d83a70a0b9dfc438898d5c1908cc3c2a)
|
|
Revision tags: release-2.1.11-stable, release-2.1.10-stable, release-2.1.9-beta, release-2.0.23-beta |
|
| #
c2495265 |
| 21-Aug-2017 |
Carlo Marcelo Arenas Belón <[email protected]> |
autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS)
if OpenSSL is in a non standard location, need to pass that information
to any sample that needs it
Closes: #550
(cherry picked from commit
autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS)
if OpenSSL is in a non standard location, need to pass that information
to any sample that needs it
Closes: #550
(cherry picked from commit 0ec5edde503096a81831f36441a4115574ac45f0)
show more ...
|
|
Revision tags: release-2.1.8-stable, release-2.1.7-rc, release-2.1.6-beta |
|
| #
1d34498e |
| 18-Aug-2015 |
Azat Khuzhin <[email protected]> |
sample: add HTTP CONNECT tunnelling example using libevent http layer
|
|
Revision tags: release-2.0.22-stable, release-1.4.15-stable, release-2.1.5-beta |
|
| #
0c492b33 |
| 13-Jun-2014 |
Mike Frysinger <[email protected]> |
add a --disable-samples configure flag
For people building & installing libevent in a distro, building all these
sample apps are not useful. Add a flag to turn them off.
|
|
Revision tags: release-2.1.4-alpha, release-2.1.3-alpha |
|
| #
4db9da6b |
| 28-Feb-2013 |
Patrick Pelletier <[email protected]> |
pull in wildcard matching code from cURL
Now, https-client accepts both:
https://ip.appspot.com/ (matching wildcard certificate)
https://github.com/ (matching non-wildcard certificate)
but sti
pull in wildcard matching code from cURL
Now, https-client accepts both:
https://ip.appspot.com/ (matching wildcard certificate)
https://github.com/ (matching non-wildcard certificate)
but still rejects
https://www.kegel.com/ (non-matching wildcard certificate)
which should match the behavior of these sites in a web browser.
show more ...
|
| #
64d9f161 |
| 28-Feb-2013 |
Patrick Pelletier <[email protected]> |
use iSECPartners code to validate hostname in certificate
The problem is that if you go to a website whose certificate does not
match its hostname, it should fail. Try this in a web browser for
htt
use iSECPartners code to validate hostname in certificate
The problem is that if you go to a website whose certificate does not
match its hostname, it should fail. Try this in a web browser for
https://www.kegel.com/ for example. Your web browser will say the
certificate is for *.pair.com, not for www.kegel.com, and won't let
you visit it without clicking through a bunch of scary warnings.
However, prior to this commit, https-client was happy to fetch
https://www.kegel.com/ without complaining. That is bad. Now, with
this commit, it will properly complain, which is good:
pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/
Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate:
/C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com
some request failed - no idea which one though!
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
ppelletier@chives:~/src/libevent/sample$
It will still succeed for sites with an exactly-matching certificate,
such as https://github.com/ and that is also good!
However, the problem is that the iSECPartners code doesn't handle
wildcards, which means we reject https://ip.appspot.com/ even though
it is perfectly legitimate, because we don't understand the wildcard:
ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/
Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate:
/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com
some request failed - no idea which one though!
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
ppelletier@chives:~/src/libevent/sample$
So, we need to fix this. In other words, "to be continued..."
show more ...
|
| #
bf31fa5d |
| 28-Feb-2013 |
Patrick Pelletier <[email protected]> |
use ${OPENSSL_LIBS} instead of -lssl -lcrypto
This made the difference between segfaulting and not segfaulting for
me when I run https-client, when I've built libevent using an OpenSSL
in a non-stan
use ${OPENSSL_LIBS} instead of -lssl -lcrypto
This made the difference between segfaulting and not segfaulting for
me when I run https-client, when I've built libevent using an OpenSSL
in a non-standard location.
In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and
d70af27d0152d0a87a25127faf215604beb8ffe0.
show more ...
|
| #
be46c99b |
| 19-Feb-2013 |
Catalin Patulea <[email protected]> |
Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl.
Signed-off-by: Catalin Patulea <[email protected]>
|
|
Revision tags: release-2.1.2-alpha, release-2.0.21-stable |
|
| #
9e8cdf3d |
| 21-Sep-2012 |
Sebastian Hahn <[email protected]> |
Fix comment to refer to sample/include.am correctly
|
| #
6cdfeebe |
| 28-Aug-2012 |
Nick Mathewson <[email protected]> |
Rename subordinate Makefile.ams to include.am
|