kc3-lang/libevent/sample/include.am
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
0c492b33 | 2014-06-13 17:07:50 | add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off. | |
 |
4db9da6b | 2013-02-27 21:12:53 | pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser. | |
|
64d9f161 | 2013-02-27 17:16:27 | use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for *.pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..." | |
|
bf31fa5d | 2013-02-27 16:31:17 | use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0. | |
 |
be46c99b | 2013-02-19 12:22:31 | Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com> | |
 |
9e8cdf3d | 2012-09-21 08:38:56 | Fix comment to refer to sample/include.am correctly | |
 |
6cdfeebe | 2012-08-28 16:01:14 | Rename subordinate Makefile.ams to include.am |