romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-06-04 09:24:20 +03:00
Code Issues Projects Releases Packages Wiki Activity
curl/lib/vtls
History
Nico Rieck 2d6333101a openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs 
- If CURLSSLOPT_NATIVE_CA on Windows then import from intermediate CA
  "CA" store after importing from root CA "ROOT" store.

This change allows curl to work in situations where a server does not
send all intermediate certs and they are present in the "CA" store (the
store with intermediate CAs). This is already allowed by the Schannel
backend.

Also this change makes partial chain verification possible for those
certs since we allow partial chain verification by default for OpenSSL
(unless CURLSSLOPT_NO_PARTIALCHAIN). This is not allowed by the Schannel
backend.

Prior to this change CURLSSLOPT_NATIVE_CA only imported "ROOT" certs.

Fixes https://github.com/curl/curl/issues/12155
Closes https://github.com/curl/curl/pull/12185
2023-10-29 03:39:43 -04:00
..
bearssl.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
bearssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
gtls.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
gtls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
hostcheck.c gskit: remove 2023-08-07 20:57:48 +02:00
hostcheck.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
keylog.c copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
keylog.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
mbedtls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls_threadlock.c copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls_threadlock.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
openssl.c openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs 2023-10-29 03:39:43 -04:00
openssl.h ngtcp2: add CURLOPT_SSL_CTX_FUNCTION support for openssl+wolfssl 2023-01-10 13:41:21 +01:00
rustls.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
rustls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
schannel.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
schannel.h build: do not publish HAVE_BORINGSSL, HAVE_AWSLC macros 2023-10-08 22:29:45 +00:00
schannel_int.h mingw: delete support for legacy mingw.org toolchain 2023-09-23 09:12:57 +00:00
schannel_verify.c schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
sectransp.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
sectransp.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
vtls.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
vtls.h vtls: clarify "ALPN: offers" message 2023-08-01 08:16:14 +02:00
vtls_int.h lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
wolfssl.c lib: introduce struct easy_poll_set for poll information 2023-10-25 09:34:32 +02:00
wolfssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
x509asn1.c gskit: remove 2023-08-07 20:57:48 +02:00
x509asn1.h gskit: remove 2023-08-07 20:57:48 +02:00