src/stransport_stream.c


Log

Author Commit Date CI Message
Carlos Martín Nieto 9884dd61 2016-08-05T18:40:37 SecureTransport: handle NULL trust on success The `SSLCopyPeerTrust` call can succeed but fail to return a trust object if it can't load the certificate chain and thus cannot check the validity of a certificate. This can lead to us calling `CFRelease` on a `NULL` trust object, causing a crash. Handle this by returning ECERTIFICATE.
Lucas Derraugh 2527db87 2016-05-05T23:34:23 Fix unused variable 'message' warning
Edward Thomson e0aed4bd 2016-04-21T11:01:09 stransport: pass proxy opts instead of char*
Edward Thomson 79698030 2015-06-29T22:51:18 git_cert: child types use proper base type
Pierre-Olivier Latour cae2a555 2015-06-26T08:17:56 Fixed build failure if GIT_CURL is not defined
Carlos Martín Nieto 58ca8c7e 2015-06-24T17:27:16 SecureTransport: use the curl stream if available If the libcurl stream is available, use that as the underlying stream instead of the socket stream. This allows us to set a proxy for HTTPS connections.
Logan Collins b224c388 2015-05-07T14:21:25 Fix in stransport_stream.c for usage of SecCopyErrorMessageString(), which is unavailable to iOS targets.
Pierre-Olivier Latour 6d0a0aca 2015-06-11T23:20:28 Fixed some Secure Transport issues on OS X The read and write callbacks passed to SSLSetIOFuncs() have been rewritten to match the implementation used on opensource.apple.com and other open source projects like VLC. This change also fixes a bug where the read callback could get into an infinite loop when 0 bytes were read.
Carlos Martín Nieto 44b769e4 2015-04-13T15:39:58 SecureTransport: handle graceful closes On close, we might get a return code which looks like an error but just means that the other side closed gracefully. Handle that.
Carlos Martín Nieto 65ac7ddc 2015-03-24T16:31:51 SecureTransport: require TLS v1.x Anything SSL is deprecated. Let's make sure we don't try to use SSL v3 when talking to the server.
Carlos Martín Nieto b7e1c81d 2015-03-19T10:51:48 SecureTransport: allow overriding a bad certificate Do not automatically fail on a bad certificate, but let the caller decide. This means we don't need our switch on errors anymore but can return a string representation from the security framework.
Carlos Martín Nieto 6bb54cbf 2014-11-02T13:23:32 Add a SecureTransport TLS channel As an alternative to OpenSSL when we're on OS X. This one can actually take advantage of stacking the streams.