romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-20 10:56:20 +03:00
Code Issues Projects Releases Packages Wiki Activity
curl/tests
History
Joshua Rogers 7541ae569d
tls: fix incomplete mTLS config in conn reuse and session cache 
cert_type, key, key_type, key_passwd and key_blob lived in
ssl_config_data but not in ssl_primary_config, so they were invisible to
match_ssl_primary_config() and to the TLS session cache peer key.

Two easy handles sharing a connection pool could reuse each other's
authenticated connections when they differed only on SSLKEY, SSLKEYTYPE,
KEYPASSWD, SSLCERTTYPE or SSLKEYBLOB. The second handle would silently
inherit the first handle's authenticated identity.

Promote all five fields into ssl_primary_config so the conn-reuse
predicate and session cache key cover the complete client credential
set. Also replace the fixed ":CCERT" session cache marker with the
actual clientcert path so sessions are not shared across different
client certificates.

Verified by test 3303 and 3304

Reported-By: Joshua Rogers (AISLE Research)
Closes #21667
2026-05-20 00:02:33 +02:00
..
certs genserv.pl: make external calls safe 2026-03-23 12:39:38 +01:00
cmake cmake: add CMake Config-based dependency detection 2026-03-21 18:52:31 +01:00
data tls: fix incomplete mTLS config in conn reuse and session cache 2026-05-20 00:02:33 +02:00
http unix-sockets: ignore proxy settings 2026-05-16 18:49:46 +02:00
libtest url: detect proxy changes read from environment 2026-05-19 17:14:16 +02:00
server GHA: enable -Wunused-macros in clang-tidy jobs 2026-05-16 01:17:41 +02:00
tunit tool1622: assert width and exact format boundaries 2026-05-07 08:00:03 +02:00
unit tls: fix incomplete mTLS config in conn reuse and session cache 2026-05-20 00:02:33 +02:00
.gitignore build: stop building and installing runtests.1 and testcurl.1 2026-04-28 09:07:27 +02:00
allversions.pm badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
appveyor.pm tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
azure.pm
CMakeLists.txt tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
config.in
configurehelp.pm.in
devtest.pl tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
dictserver.py tests: make whitespace between functions and classes consistent 2026-04-08 10:28:05 -07:00
directories.pm tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
ech_combos.py tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
ech_tests.sh tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
ftpserver.pl tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
getpart.pm tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
globalconfig.pm tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
http-server.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
http2-server.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
http3-server.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
Makefile.am tidy-up: miscellaneous 2026-01-15 13:06:13 +01:00
memanalyze.pl runtests: make memanalyzer a Perl module (for 1.1-2x speed-up per test run) 2025-12-04 13:14:32 +01:00
memanalyzer.pm scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
negtelnetserver.py tests: make whitespace between functions and classes consistent 2026-04-08 10:28:05 -07:00
nghttpx.conf
pathhelp.pm tidy-up: miscellaneous 2026-04-14 01:08:32 +02:00
processhelp.pm scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
requirements.txt GHA: bump actions and pips 2026-05-01 21:19:22 +02:00
rtspserver.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
runner.pm runner.pm: set CURL_TESTNUM for precheck commands 2026-05-16 11:55:59 +02:00
runtests.pl tidy-up: sort TLS backends, distros, alphabetically 2026-05-11 11:57:25 +02:00
secureserver.pl tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
serverhelp.pm scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
servers.pm tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
smbserver.py tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
sshhelp.pm runtests: allow configuring SSH host/client key algorithm 2026-04-05 11:19:42 +02:00
sshserver.pl tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
test745.pl tidy-up: Markdown, clang-format nits 2026-01-22 23:44:47 +01:00
test971.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1119.pl tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
test1135.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1139.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1140.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1165.pl build: disable typecheck via the command-line instead of curl_config.h 2026-02-20 16:32:37 +01:00
test1167.pl tidy-up: miscellaneous 2026-04-14 01:08:32 +02:00
test1173.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1175.pl badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
test1177.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1222.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1275.pl test1275.pl: ignore indented sections in markdowns 2026-04-01 14:36:10 +02:00
test1276.pl optiontable: replace stdin with filename arg, harden open() call 2026-03-19 15:06:43 +01:00
test1477.pl tidy-up: miscellaneous 2025-12-12 04:18:48 +01:00
test1486.pl src: fix formatting nits 2025-12-03 20:50:18 +01:00
test1488.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1544.pl scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
test1707.pl perl: harden external command invocations 2026-03-26 14:20:07 +01:00
testcurl.pl testcurl.pl: replace shell commands with Perl rmtree() 2026-03-21 22:42:38 +01:00
testutil.pm tidy-up: miscellaneous 2026-05-16 01:56:17 +02:00
tftpserver.pl tidy-up: miscellaneous 2025-11-17 13:32:43 +01:00
util.py tests: make whitespace between functions and classes consistent 2026-04-08 10:28:05 -07:00
valgrind.pm scripts: drop redundant double-quotes: "$var" -> $var (Perl) 2026-03-21 13:21:06 +01:00
valgrind.supp