Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use curl API (versions after 7.56.0) to determine if openssl is in use | Vincent Sanders | 2019-10-01 | 1 | -4/+23 |
| | |||||
* | Allow the curl fetcher to be built without openssl. | Vincent Sanders | 2019-09-30 | 1 | -30/+61 |
| | | | | | | | | | | The curl fetcher can operate without openssl library being available, additionaly curl itself may be compiled with a different TLS library. In either case this will simply cause the "unknown" error to be reported for all TLS failiures and page information to lack any certificate information. | ||||
* | SSL Error: Enable OpenSSL hostname verification | Daniel Silverstone | 2019-08-14 | 1 | -16/+19 |
| | | | | | | | | Since OpenSSL 1.0.2 there has been hostname verification support which cURL doesn't turn on for some reason. Turn it on so that we get better hostname verification handling. Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | add English message text for ssl errors | Vincent Sanders | 2019-08-10 | 1 | -1/+1 |
| | |||||
* | add common name ssl certificate error | Vincent Sanders | 2019-08-10 | 1 | -3/+16 |
| | | | | | This adds an ssl faliure code and explanation why curl fetcher does not currently set it. | ||||
* | About: Tweak the new about query page renderng. | Michael Drake | 2019-08-09 | 1 | -5/+5 |
| | |||||
* | rework about scheme handlers to be consistant with output buffer handling | Vincent Sanders | 2019-08-08 | 1 | -176/+234 |
| | |||||
* | apply tlsa styling improvements to about scheme query pages | Vincent Sanders | 2019-08-07 | 1 | -10/+20 |
| | |||||
* | add basic styling to about scheme privacy query page | Vincent Sanders | 2019-08-07 | 1 | -53/+86 |
| | |||||
* | Improve the about scheme query page generation be be bounds safe | Vincent Sanders | 2019-08-06 | 1 | -53/+143 |
| | |||||
* | Support SSL verification through new about: handler | Daniel Silverstone | 2019-08-06 | 1 | -0/+43 |
| | | | | | | | | In doing this, also propagate why the certificates were bad so that the page can display a reason. We will need FatMessages for all these. Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | futher refinement on about scheme query styling | Vincent Sanders | 2019-08-06 | 1 | -1/+1 |
| | |||||
* | improve css formatting in about scheme query handlers | Vincent Sanders | 2019-08-06 | 1 | -3/+4 |
| | |||||
* | fix url reference counting in about scheme query handlers | Vincent Sanders | 2019-08-06 | 1 | -0/+9 |
| | |||||
* | add about scheme query handlers | Vincent Sanders | 2019-08-06 | 1 | -1/+334 |
| | |||||
* | Improve about scheme doc comments and formatting | Vincent Sanders | 2019-08-05 | 1 | -45/+122 |
| | |||||
* | curl.c: Don't use OpenSSL 1.1 only serialNumber fetcher | Daniel Silverstone | 2019-08-05 | 1 | -1/+1 |
| | | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | Migrate SSL certificate storage to the browser window | Daniel Silverstone | 2019-08-05 | 1 | -119/+132 |
| | | | | | | | | | | * Fetchers now provide the certificates before headers * This is propagated all the way to the browser window * When a query occurs, we retrieve it from there and fire the query with those stored certificates. * The serial number is a bignum, store it as hex. Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | curl: Change where we lodge `inside_curl` | Daniel Silverstone | 2019-08-02 | 1 | -6/+2 |
| | | | | | | | | Because we need to be slightly more careful now, lodge ourselves `inside_curl` whenever we might be processing via the cURL messages or similar. Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | curl: Immediately abort fetchers when we can | Daniel Silverstone | 2019-08-02 | 1 | -17/+24 |
| | | | | Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | content/fetchers/curl.c: Defer fetch start if inside cURL | Daniel Silverstone | 2019-06-05 | 1 | -0/+16 |
| | | | | | | | | In order to cope better with modern cURL which prevents making cURL calls when inside a callback from within cURL, defer fetch start when we are processing in `fetch_curl_data()`. Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org> | ||||
* | make curl fetcher log debug using NSLOG | Vincent Sanders | 2019-05-28 | 1 | -16/+26 |
| | | | | | | | stop curl fetcher logging being special case to standard error and use the fetch catagory at DEBUG level instead. The special suppress_curl_debug option is currently still obeyed | ||||
* | Curl fetcher: Force HTTP1.1 to fix HTTP2 crash. | Michael Drake | 2019-05-06 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On ubuntu 19.4, curl is built with HTTP2 support, and we segfault. ==18174== Invalid read of size 1 ==18174== at 0x4ACCE7D: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x4B054B1: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x4AD398A: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x4AD7A0B: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x4AE93EE: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x4AEA8A8: curl_multi_perform (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x1F2EF7: fetch_curl_poll (curl.c:1209) ==18174== by 0x1EEC5C: fetcher_poll (fetch.c:271) ==18174== by 0x2A1ED4: schedule_run (schedule.c:160) ==18174== by 0x15F941: framebuffer_run (gui.c:596) ==18174== by 0x15F941: main (gui.c:2206) ==18174== Address 0x9de95a8 is 3,224 bytes inside a block of size 6,304 free'd ==18174== at 0x483997B: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==18174== by 0x4AD497B: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x4AE158C: curl_easy_cleanup (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x1F30DE: fetch_curl_cache_handle (curl.c:761) ==18174== by 0x1F30DE: fetch_curl_stop (curl.c:840) ==18174== by 0x1F30DE: fetch_curl_done (curl.c:1122) ==18174== by 0x1F30DE: fetch_curl_poll (curl.c:1223) ==18174== by 0x1EEC5C: fetcher_poll (fetch.c:271) ==18174== by 0x2A1ED4: schedule_run (schedule.c:160) ==18174== by 0x15F941: framebuffer_run (gui.c:596) ==18174== by 0x15F941: main (gui.c:2206) ==18174== Block was alloc'd at ==18174== at 0x483AB35: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==18174== by 0x4AE165F: curl_easy_duphandle (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x1F15EB: fetch_curl_get_handle (curl.c:738) ==18174== by 0x1F15EB: fetch_curl_start (curl.c:750) ==18174== by 0x1EEB22: fetch_dispatch_job (fetch.c:156) ==18174== by 0x1EEB22: fetch_choose_and_dispatch (fetch.c:187) ==18174== by 0x1EEB22: fetch_dispatch_jobs (fetch.c:247) ==18174== by 0x1EF1BB: fetch_start (fetch.c:573) ==18174== by 0x26C779: llcache_object_refetch (llcache.c:916) ==18174== by 0x26D5E4: llcache_object_fetch (llcache.c:979) ==18174== by 0x26D5E4: llcache_object_retrieve_from_cache (llcache.c:1767) ==18174== by 0x26D5E4: llcache_object_retrieve (llcache.c:1865) ==18174== by 0x26E42C: llcache_fetch_redirect (llcache.c:2110) ==18174== by 0x26E42C: llcache_fetch_callback (llcache.c:2810) ==18174== by 0x1F1295: fetch_curl_process_headers (curl.c:922) ==18174== by 0x1F13A0: fetch_curl_data (curl.c:1324) ==18174== by 0x4ACD4C3: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) ==18174== by 0x4AE00DA: ??? (in /usr/lib/x86_64-linux-gnu/libcurl.so.4.5.0) | ||||
* | data url handler: drop logging to DEEPDEBUG. | Michael Drake | 2019-05-05 | 1 | -1/+1 |
| | |||||
* | data url handler: Keep nsurl to avoid copy. | Michael Drake | 2019-05-05 | 1 | -15/+8 |
| | |||||
* | data url handling: avoid needless allocation / copy. | Michael Drake | 2019-05-05 | 1 | -11/+2 |
| | |||||
* | data URL handler: constify some string pointers. | Michael Drake | 2019-05-05 | 1 | -2/+2 |
| | |||||
* | Curl fetcher: Jiggle logging levels. | Michael Drake | 2018-08-09 | 1 | -2/+2 |
| | |||||
* | Curl fetcher: Move poll logging from INFO to DEEPDEBUG. | Michael Drake | 2018-08-09 | 1 | -2/+2 |
| | |||||
* | HTTPS: restrict ciphersuites | John-Mark Bell | 2018-04-22 | 1 | -0/+18 |
| | |||||
* | Explicitly re-enable TLS session tickets. | John-Mark Bell | 2018-04-22 | 1 | -0/+4 |
| | | | | Libcurl disables this by default. | ||||
* | Force SSL session caching on, Ubuntu seems to have it off by default | Daniel Silverstone | 2018-04-22 | 1 | -0/+3 |
| | |||||
* | Revert "Disable SSL session ID caching." | Daniel Silverstone | 2018-04-22 | 1 | -3/+0 |
| | | | | This reverts commit debe0e345bf453a58bf319a84d5845cce6b38d8e. | ||||
* | Use coccinelle to change logging macro calls in c files | Vincent Sanders | 2017-09-06 | 3 | -39/+64 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | for F in $(git ls-files '*.c');do spatch --sp-file foo.cocci --in-place ${F};done @@ expression E; @@ -LOG(E); +NSLOG(netsurf, INFO, E); @@ expression E, E1; @@ -LOG(E, E1); +NSLOG(netsurf, INFO, E, E1); @@ expression E, E1, E2; @@ -LOG(E, E1, E2); +NSLOG(netsurf, INFO, E, E1, E2); @@ expression E, E1, E2, E3; @@ -LOG(E, E1, E2, E3); +NSLOG(netsurf, INFO, E, E1, E2, E3); @@ expression E, E1, E2, E3, E4; @@ -LOG(E, E1, E2, E3, E4); +NSLOG(netsurf, INFO, E, E1, E2, E3, E4); @@ expression E, E1, E2, E3, E4, E5; @@ -LOG(E, E1, E2, E3, E4, E5); +NSLOG(netsurf, INFO, E, E1, E2, E3, E4, E5); @@ expression E, E1, E2, E3, E4, E5, E6; @@ -LOG(E, E1, E2, E3, E4, E5, E6); +NSLOG(netsurf, INFO, E, E1, E2, E3, E4, E5, E6); @@ expression E, E1, E2, E3, E4, E5, E6, E7; @@ -LOG(E, E1, E2, E3, E4, E5, E6, E7); +NSLOG(netsurf, INFO, E, E1, E2, E3, E4, E5, E6, E7); | ||||
* | create netsurf inttypes header to have portable integer formatting macros | Vincent Sanders | 2017-01-21 | 3 | -0/+3 |
| | |||||
* | Fix OpenSSL X509 cert API detection | Vincent Sanders | 2016-11-21 | 1 | -2/+4 |
| | | | | | LibreSSL defines a OPENSSL_VERSION_NUMBER of 2.1 but only provides the old OpenSSL 1.0.x API. | ||||
* | fix openSSL 1.1.0 X509 certificate handling | Vincent Sanders | 2016-11-20 | 1 | -9/+23 |
| | |||||
* | fix unecessary base64 header include | Vincent Sanders | 2016-11-19 | 1 | -1/+1 |
| | |||||
* | Remove internal BASE64 in favour of nsutils' one | Daniel Silverstone | 2016-11-19 | 1 | -3/+6 |
| | |||||
* | document file fetcher being locale dependant | Vincent Sanders | 2016-09-10 | 1 | -1/+5 |
| | |||||
* | Buildsystem: Make curl/openssl usage build-time options. | Michael Drake | 2016-08-13 | 1 | -2/+4 |
| | |||||
* | URL unescape: return the new length to the caller. | Michael Drake | 2016-07-24 | 1 | -3/+2 |
| | | | | | | | | The avoids situations were we threw away the length, only for the caller to have to strlen the returned string. Note, there seems to be a case of the amiga front end writing beyond end of allocation. Added a TODO for now. | ||||
* | Data URL handling: Use url_unescape rather than curl. | Michael Drake | 2016-07-24 | 1 | -13/+10 |
| | |||||
* | Whitespace: Convert spaces to tab for indent. | Michael Drake | 2016-07-24 | 1 | -3/+3 |
| | |||||
* | Refactor the fdset acquisition into the fetchers to stop fetch.c including ↵ | Daniel Silverstone | 2016-06-27 | 1 | -0/+18 |
| | | | | curl.h | ||||
* | Fix handling of certificate chains | Vincent Sanders | 2016-06-27 | 1 | -145/+251 |
| | | | | | | | When processing a x509 certificate chain from openssl it is necessary to allow teh entire chain to be processed rather than halting processing at the first certificate with an error. This allows errors with a certificate authority to be examined. | ||||
* | Allow include directories to be added by sub makefiles | Vincent Sanders | 2016-06-06 | 1 | -1/+1 |
| | |||||
* | Update content to split public and internal API | Vincent Sanders | 2016-06-06 | 1 | -1/+0 |
| | |||||
* | move fetch header into public API | Vincent Sanders | 2016-05-30 | 3 | -3/+3 |
| | |||||
* | move misc header into public API | Vincent Sanders | 2016-05-30 | 1 | -1/+1 |
| |