summaryrefslogtreecommitdiff
path: root/content/fetchers
Commit message (Collapse)AuthorAgeFilesLines
* Fetch/curl: expose socket open/close via fetch vtableJohn-Mark Bell2024-03-131-0/+20
| | | | | This allows frontends to customise the behaviour of sockets. The default implementation simply maps to socket(2)/close(2).
* fetchers: drop support for ancient OpenSSLJohn-Mark Bell2024-03-132-328/+31
| | | | | | | | | We now require 1.1.1 or later (and, preferably, 3.x). Also take the opportunity to add support for LibreSSL 3.5.0 or later (we still support ancient versions of this because 3.5.0 is still relatively modern -- give it a few more years and support for old LibreSSL can go, too)
* Revert "fetchers: drop support for ancient OpenSSL"John-Mark Bell2024-02-112-31/+328
| | | | | | | ciworker{8,12} (respectively: FreeBSD, aarch64 Linux) are running obsolete OS versions. Disappointment ensues. This reverts commit 6bb70e88108c904d67e9af7c8e5b273f6cd6854f.
* fetchers: drop support for ancient OpenSSLJohn-Mark Bell2024-02-082-328/+31
| | | | | | | | | We now require 1.1.1 or later (and, preferably, 3.x). Also take the opportunity to add support for LibreSSL 3.5.0 or later (we still support ancient versions of this because 3.5.0 is still relatively modern -- give it a few more years and support for old LibreSSL can go, too)
* fetchers/curl: modernise TLS 1.2 cipher suitesJohn-Mark Bell2024-02-041-8/+25
| | | | | | | | | * Drop support for DHE completely (logjam plus compat woes caused other browsers to do this some time ago) * Minimise CBC-mode suites * Fall back to non-PFS RSA suites if really necessary (we treat this as a protocol downgrade as anything modern should either be using TLS 1.3 or have support for the ECDHE suites)
* Fix use of uninitialised code variable in error reportingVincent Sanders2023-12-131-3/+4
|
* Attempt to fix maybe uninitialised errorVincent Sanders2023-12-131-1/+1
|
* Resolve progress function deprication in curl later than 7.32.0Vincent Sanders2023-12-121-6/+16
|
* Remove use of depricated API after libcurl 7.56Vincent Sanders2023-12-121-122/+401
|
* Avoid integer types with platform dependent sizeDeltaVonNeumann2023-06-171-1/+2
|
* fetchers/curl: tolerate lack of TLS1.3John-Mark Bell2023-03-051-2/+6
| | | | | | | | If we are building against a modern version of libcurl, but it was built against a version of OpenSSL that does not support TLS1.3, then attempting to configure TLS1.3 ciphersuites will fail with CURLE_NOT_BUILT_IN. Tolerate this scenario by treating such a return code as non-fatal in this case.
* (curl): Add extra logging to fetcher initialisationDaniel Silverstone2022-12-151-4/+8
| | | | Signed-off-by: Daniel Silverstone <daniel.silverstone@codethink.co.uk>
* fetchers/curl: drop non-PFS fallback ciphersuiteJohn-Mark Bell2022-11-051-2/+0
|
* fetchers/curl: disable TLS1.0 and TLS1.1 supportJohn-Mark Bell2022-11-051-10/+6
|
* fetchers/curl: explicitly configure TLS1.3 ciphersuitesJohn-Mark Bell2022-11-051-1/+13
| | | | These currently match the defaults, so no functional change.
* About/Cert: get EC key details using OpenSSL 3 APIsJohn-Mark Bell2022-05-281-25/+321
| | | | | | Replace the fetching and poking around inside the low-level EC object with appropriate calls to EVP_PKEY_get_(octet|utf8)_string_param() and add a compatibility layer for old versions of OpenSSL.
* About/Cert: get RSA n/e using OpenSSL 3 APIsJohn-Mark Bell2022-05-281-6/+119
| | | | | | Replace the fetching and poking around inside the low-level RSA object with appropriate calls to EVP_PKEY_get_bn_param() and add a compatibility layer for old versions of OpenSSL.
* About/Cert: use EVP_PKEY_bits to get key sizeJohn-Mark Bell2022-05-281-43/+5
|
* About/Cert: contain pkey inspection in type methodsJohn-Mark Bell2022-05-281-12/+18
| | | | | Use of the low-level key types is deprecated in OpenSSL 3. Prepare to stop using them by removing them from function calls.
* about(chart): include config.h to silence warningJohn-Mark Bell2022-05-271-0/+1
| | | | This file uses strndup, so needs config.h including to define it.
* About: Chart: Squash implicit declaration of strndup.Michael Drake2022-03-281-0/+1
|
* hoist the Referer header generation logic up to the low level cacheVincent Sanders2021-03-251-1/+0
| | | | | | | This removes the need for the fetchers to have any interaction with the Referer header. It has not been completely removed from the fetch interface as fetch.c:fetch_set_cookie() still uses it for unverifiable cookie decision logic. (There is an anchient todo here)
* add simple chart generator and use it from the imagecacheVincent Sanders2020-10-055-2/+691
|
* about: Check senddata return in blank handlerDaniel Silverstone2020-10-031-1/+2
| | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
* split out about scheme handler for nscolours cssVincent Sanders2020-09-294-55/+125
|
* split out about scheme query fetcherror handlerVincent Sanders2020-09-294-125/+195
|
* split out about scheme query timeout pageVincent Sanders2020-09-294-120/+195
|
* split out about scheme query auth handlerVincent Sanders2020-09-294-214/+284
|
* split out about scheme query private handlerVincent Sanders2020-09-277-179/+338
|
* split out choices about scheme handlerVincent Sanders2020-09-274-67/+130
|
* split out about handler config handlerVincent Sanders2020-09-274-101/+176
|
* split out about scheme testament handlerVincent Sanders2020-09-234-104/+168
|
* split out about scheme certificate viewer generatorVincent Sanders2020-09-215-1153/+1236
|
* split out blank handler for about schemeVincent Sanders2020-09-214-35/+96
|
* split out the about scheme imagecache page generatorVincent Sanders2020-09-206-246/+396
|
* move about fetcher into its own directoryVincent Sanders2020-09-204-7/+14
|
* move the file fetcher sources into a single directoryVincent Sanders2020-07-036-4/+468
|
* remove incorrect colour rule from unternal.cssVincent Sanders2020-06-291-1/+1
|
* fix: Make it OK if the chain isn't avilable during bad-ssl queryingDaniel Silverstone2020-05-231-8/+16
| | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
* fetchers/curl: Move report_certs function outside WITH_OPENSSLDaniel Silverstone2020-05-221-21/+22
| | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
* query/ssl: Include link to view certificate detailsDaniel Silverstone2020-05-221-1/+9
| | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
* about: Rework freeing the san_names structureDaniel Silverstone2020-05-191-1/+11
| | | | | | | | | AmiSSL's approach to replacing 90% of OpenSSL calls with assembly means that the official way to pop_free a stack type won't work. As such, we open-code it here. Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
* add subject alternative names to certificate viewerVincent Sanders2020-05-181-0/+103
|
* Page info: Improve certificate fault display style.Michael Drake2020-05-181-6/+9
|
* Display errors properly in certificate windowVincent Sanders2020-05-181-5/+19
|
* Improve certificate page styling.Michael Drake2020-05-171-7/+35
|
* add fingerprints to the certificate viewerVincent Sanders2020-05-171-0/+115
|
* split out public key table formatted outputVincent Sanders2020-05-171-55/+68
|
* use entity for colon in certificate hex values to allow netsurf to break ↵Vincent Sanders2020-05-171-2/+10
| | | | properly
* get the sign right on the certificate openssl compatability interfaceVincent Sanders2020-05-171-2/+2
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-18 03:20:50 +0000