Commit graph

4 commits

Author SHA1 Message Date
Viktor Szakats
4d2a05d3fe
tests: use crlf=yes attribute more
To make special newlines more explicit and visible.
Mostly in `<protocol>` sections, some in `<data*>` and `<upload>`.

Reducing the number of `tests/data/test*`:
- CRLF newlines from 21535 to 11337.
- files with mixed newlines from 1335 to 707.

Also delete empty `<protocol>` sections.

Closes #19284
2025-10-31 15:01:08 +01:00
Daniel Stenberg
08a3e8e19a
TLS: remove support for Secure Transport and BearSSL
These libraries do not support TLS 1.3 and have been marked for removal
for over a year. We want to help users select a TLS dependency that is
future-proof and reliable, and not supporting TLS 1.3 in 2025 does not
infer confidence. Users who build libcurl are likely to be served better
and get something more future-proof with a TLS library that supports
1.3.

Closes #16677
2025-06-11 07:54:19 +02:00
Yedaya Katsman
2cf19c245e
tests: test mtls also w/ clientAuth EKU only
The google chrome root program will stop allowing roots that have both
clientAuth and ServerAuth [1].

In one of the mtls tests, use a certificate with only the clientAuth
EKU.

[1] https://googlechrome.github.io/chromerootprogram/#322-pki-hierarchies-included-in-the-chrome-root-store

Closes #17493
2025-05-31 15:20:25 +02:00
Yedaya Katsman
8988f33f62
tests: Add https-mtls server to force client auth
- test2088 verifies that mutual tls works

This adds a new certificate to generate which has the clientAuth key
usage enabled, and uses it to connect to a https-mtls server.

Closes #16923
2025-04-07 08:46:56 +02:00