| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
|
|
|
|
|
|
|
| |
Instead of extracting information from the X509 certificate chain in
the fetcher the entire chain is propagated in Distinguished Encoding
Rules (DER) format.
This allows all the information contained in a certificate chain to be
retained which can subsequently be presented to the user
|
|
|
|
| |
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
|
|
| |
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
|
|
|
|
|
|
| |
Since OpenSSL 1.0.2 there has been hostname verification support
which cURL doesn't turn on for some reason. Turn it on so that
we get better hostname verification handling.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
|
|
|
| |
This adds an ssl faliure code and explanation why curl fetcher
does not currently set it.
|
|
In doing this, also propagate why the certificates were bad
so that the page can display a reason. We will need FatMessages
for all these.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|