kmx git

Commit	Date	Message
d5b24cc0	2019-03-05T21:34:31	sample/becat: bufferevent cat, ncat/nc/telnet analog
0ec5edde	2017-08-21T01:08:15	autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550
1d34498e	2015-08-18T12:18:31	sample: add HTTP CONNECT tunnelling example using libevent http layer
0c492b33	2014-06-13T17:07:50	add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.
4db9da6b	2013-02-27T21:12:53	pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.
64d9f161	2013-02-27T17:16:27	use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for .pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."
bf31fa5d	2013-02-27T16:31:17	use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.
be46c99b	2013-02-19T12:22:31	Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>
9e8cdf3d	2012-09-21T08:38:56	Fix comment to refer to sample/include.am correctly
6cdfeebe	2012-08-28T16:01:14	Rename subordinate Makefile.ams to include.am

d5b24cc0

2019-03-05T21:34:31

sample/becat: bufferevent cat, ncat/nc/telnet analog

0ec5edde

2017-08-21T01:08:15

autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550

1d34498e

2015-08-18T12:18:31

sample: add HTTP CONNECT tunnelling example using libevent http layer

0c492b33

2014-06-13T17:07:50

add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.

4db9da6b

2013-02-27T21:12:53

pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.

64d9f161

2013-02-27T17:16:27

use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for *.pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."

bf31fa5d

2013-02-27T16:31:17

use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.

be46c99b

2013-02-19T12:22:31

Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>

9e8cdf3d

2012-09-21T08:38:56

Fix comment to refer to sample/include.am correctly

6cdfeebe

2012-08-28T16:01:14

Rename subordinate Makefile.ams to include.am

kc3-lang/libevent/sample/include.am

sample/include.am

Log