Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fetch/curl: expose socket open/close via fetch vtable | John-Mark Bell | 2024-03-13 | 1 | -0/+20 |
| | | | | | This allows frontends to customise the behaviour of sockets. The default implementation simply maps to socket(2)/close(2). | ||||
* | fetchers: drop support for ancient OpenSSL | John-Mark Bell | 2024-03-13 | 2 | -328/+31 |
| | | | | | | | | | We now require 1.1.1 or later (and, preferably, 3.x). Also take the opportunity to add support for LibreSSL 3.5.0 or later (we still support ancient versions of this because 3.5.0 is still relatively modern -- give it a few more years and support for old LibreSSL can go, too) | ||||
* | Revert "fetchers: drop support for ancient OpenSSL" | John-Mark Bell | 2024-02-11 | 2 | -31/+328 |
| | | | | | | | ciworker{8,12} (respectively: FreeBSD, aarch64 Linux) are running obsolete OS versions. Disappointment ensues. This reverts commit 6bb70e88108c904d67e9af7c8e5b273f6cd6854f. | ||||
* | fetchers: drop support for ancient OpenSSL | John-Mark Bell | 2024-02-08 | 2 | -328/+31 |
| | | | | | | | | | We now require 1.1.1 or later (and, preferably, 3.x). Also take the opportunity to add support for LibreSSL 3.5.0 or later (we still support ancient versions of this because 3.5.0 is still relatively modern -- give it a few more years and support for old LibreSSL can go, too) | ||||
* | fetchers/curl: modernise TLS 1.2 cipher suites | John-Mark Bell | 2024-02-04 | 1 | -8/+25 |
| | | | | | | | | | * Drop support for DHE completely (logjam plus compat woes caused other browsers to do this some time ago) * Minimise CBC-mode suites * Fall back to non-PFS RSA suites if really necessary (we treat this as a protocol downgrade as anything modern should either be using TLS 1.3 or have support for the ECDHE suites) | ||||
* | Fix use of uninitialised code variable in error reporting | Vincent Sanders | 2023-12-13 | 1 | -3/+4 |
| | |||||
* | Attempt to fix maybe uninitialised error | Vincent Sanders | 2023-12-13 | 1 | -1/+1 |
| | |||||
* | Resolve progress function deprication in curl later than 7.32.0 | Vincent Sanders | 2023-12-12 | 1 | -6/+16 |
| | |||||
* | Remove use of depricated API after libcurl 7.56 | Vincent Sanders | 2023-12-12 | 1 | -122/+401 |
| | |||||
* | Avoid integer types with platform dependent size | DeltaVonNeumann | 2023-06-17 | 1 | -1/+2 |
| | |||||
* | fetchers/curl: tolerate lack of TLS1.3 | John-Mark Bell | 2023-03-05 | 1 | -2/+6 |
| | | | | | | | | If we are building against a modern version of libcurl, but it was built against a version of OpenSSL that does not support TLS1.3, then attempting to configure TLS1.3 ciphersuites will fail with CURLE_NOT_BUILT_IN. Tolerate this scenario by treating such a return code as non-fatal in this case. | ||||
* | (curl): Add extra logging to fetcher initialisation | Daniel Silverstone | 2022-12-15 | 1 | -4/+8 |
| | | | | Signed-off-by: Daniel Silverstone <daniel.silverstone@codethink.co.uk> | ||||
* | fetchers/curl: drop non-PFS fallback ciphersuite | John-Mark Bell | 2022-11-05 | 1 | -2/+0 |
| | |||||
* | fetchers/curl: disable TLS1.0 and TLS1.1 support | John-Mark Bell | 2022-11-05 | 1 | -10/+6 |
| | |||||
* | fetchers/curl: explicitly configure TLS1.3 ciphersuites | John-Mark Bell | 2022-11-05 | 1 | -1/+13 |
| | | | | These currently match the defaults, so no functional change. | ||||
* | About/Cert: get EC key details using OpenSSL 3 APIs | John-Mark Bell | 2022-05-28 | 1 | -25/+321 |
| | | | | | | Replace the fetching and poking around inside the low-level EC object with appropriate calls to EVP_PKEY_get_(octet|utf8)_string_param() and add a compatibility layer for old versions of OpenSSL. | ||||
* | About/Cert: get RSA n/e using OpenSSL 3 APIs | John-Mark Bell | 2022-05-28 | 1 | -6/+119 |
| | | | | | | Replace the fetching and poking around inside the low-level RSA object with appropriate calls to EVP_PKEY_get_bn_param() and add a compatibility layer for old versions of OpenSSL. | ||||
* | About/Cert: use EVP_PKEY_bits to get key size | John-Mark Bell | 2022-05-28 | 1 | -43/+5 |
| | |||||
* | About/Cert: contain pkey inspection in type methods | John-Mark Bell | 2022-05-28 | 1 | -12/+18 |
| | | | | | Use of the low-level key types is deprecated in OpenSSL 3. Prepare to stop using them by removing them from function calls. | ||||
* | about(chart): include config.h to silence warning | John-Mark Bell | 2022-05-27 | 1 | -0/+1 |
| | | | | This file uses strndup, so needs config.h including to define it. | ||||
* | About: Chart: Squash implicit declaration of strndup. | Michael Drake | 2022-03-28 | 1 | -0/+1 |
| | |||||
* | hoist the Referer header generation logic up to the low level cache | Vincent Sanders | 2021-03-25 | 1 | -1/+0 |
| | | | | | | | This removes the need for the fetchers to have any interaction with the Referer header. It has not been completely removed from the fetch interface as fetch.c:fetch_set_cookie() still uses it for unverifiable cookie decision logic. (There is an anchient todo here) | ||||
* | add simple chart generator and use it from the imagecache | Vincent Sanders | 2020-10-05 | 5 | -2/+691 |
| | |||||
* | about: Check senddata return in blank handler | Daniel Silverstone | 2020-10-03 | 1 | -1/+2 |
| | | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | split out about scheme handler for nscolours css | Vincent Sanders | 2020-09-29 | 4 | -55/+125 |
| | |||||
* | split out about scheme query fetcherror handler | Vincent Sanders | 2020-09-29 | 4 | -125/+195 |
| | |||||
* | split out about scheme query timeout page | Vincent Sanders | 2020-09-29 | 4 | -120/+195 |
| | |||||
* | split out about scheme query auth handler | Vincent Sanders | 2020-09-29 | 4 | -214/+284 |
| | |||||
* | split out about scheme query private handler | Vincent Sanders | 2020-09-27 | 7 | -179/+338 |
| | |||||
* | split out choices about scheme handler | Vincent Sanders | 2020-09-27 | 4 | -67/+130 |
| | |||||
* | split out about handler config handler | Vincent Sanders | 2020-09-27 | 4 | -101/+176 |
| | |||||
* | split out about scheme testament handler | Vincent Sanders | 2020-09-23 | 4 | -104/+168 |
| | |||||
* | split out about scheme certificate viewer generator | Vincent Sanders | 2020-09-21 | 5 | -1153/+1236 |
| | |||||
* | split out blank handler for about scheme | Vincent Sanders | 2020-09-21 | 4 | -35/+96 |
| | |||||
* | split out the about scheme imagecache page generator | Vincent Sanders | 2020-09-20 | 6 | -246/+396 |
| | |||||
* | move about fetcher into its own directory | Vincent Sanders | 2020-09-20 | 4 | -7/+14 |
| | |||||
* | move the file fetcher sources into a single directory | Vincent Sanders | 2020-07-03 | 6 | -4/+468 |
| | |||||
* | remove incorrect colour rule from unternal.css | Vincent Sanders | 2020-06-29 | 1 | -1/+1 |
| | |||||
* | fix: Make it OK if the chain isn't avilable during bad-ssl querying | Daniel Silverstone | 2020-05-23 | 1 | -8/+16 |
| | | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | fetchers/curl: Move report_certs function outside WITH_OPENSSL | Daniel Silverstone | 2020-05-22 | 1 | -21/+22 |
| | | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | query/ssl: Include link to view certificate details | Daniel Silverstone | 2020-05-22 | 1 | -1/+9 |
| | | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | about: Rework freeing the san_names structure | Daniel Silverstone | 2020-05-19 | 1 | -1/+11 |
| | | | | | | | | | AmiSSL's approach to replacing 90% of OpenSSL calls with assembly means that the official way to pop_free a stack type won't work. As such, we open-code it here. Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | add subject alternative names to certificate viewer | Vincent Sanders | 2020-05-18 | 1 | -0/+103 |
| | |||||
* | Page info: Improve certificate fault display style. | Michael Drake | 2020-05-18 | 1 | -6/+9 |
| | |||||
* | Display errors properly in certificate window | Vincent Sanders | 2020-05-18 | 1 | -5/+19 |
| | |||||
* | Improve certificate page styling. | Michael Drake | 2020-05-17 | 1 | -7/+35 |
| | |||||
* | add fingerprints to the certificate viewer | Vincent Sanders | 2020-05-17 | 1 | -0/+115 |
| | |||||
* | split out public key table formatted output | Vincent Sanders | 2020-05-17 | 1 | -55/+68 |
| | |||||
* | use entity for colon in certificate hex values to allow netsurf to break ↵ | Vincent Sanders | 2020-05-17 | 1 | -2/+10 |
| | | | | properly | ||||
* | get the sign right on the certificate openssl compatability interface | Vincent Sanders | 2020-05-17 | 1 | -2/+2 |
| |