luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
00ac47bfaa
curl/lib/vtls
History
Jay Satiro 889c071d3c schannel: verify hostname independent of verify cert 
Prior to this change when CURLOPT_SSL_VERIFYPEER (verifypeer) was off
and CURLOPT_SSL_VERIFYHOST (verifyhost) was on we did not verify the
hostname in schannel code.

This fixes KNOWN_BUG 2.8 "Schannel disable CURLOPT_SSL_VERIFYPEER and
verify hostname". We discussed a fix several years ago in #3285 but it
went stale.

Assisted-by: Daniel Stenberg

Bug: https://curl.haxx.se/mail/lib-2018-10/0113.html
Reported-by: Martin Galvan

Ref: https://github.com/curl/curl/pull/3285

Fixes https://github.com/curl/curl/issues/3284
Closes https://github.com/curl/curl/pull/10056
2023-08-11 12:27:18 -04:00
..
bearssl.c bearssl: don't load CA certs when peer verification is disabled 2023-07-27 03:39:19 -04:00
bearssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
gtls.c cmake: add support for "unity" builds 2023-06-07 13:06:08 +00:00
gtls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
hostcheck.c gskit: remove 2023-08-07 20:57:48 +02:00
hostcheck.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
keylog.c copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
keylog.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls_threadlock.c copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls_threadlock.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls.c trace: make tracing available in non-debug builds 2023-08-03 17:32:25 +02:00
mbedtls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
openssl.c openssl: auto-detect SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED 2023-08-08 09:10:04 +00:00
openssl.h ngtcp2: add CURLOPT_SSL_CTX_FUNCTION support for openssl+wolfssl 2023-01-10 13:41:21 +01:00
rustls.c trace: make tracing available in non-debug builds 2023-08-03 17:32:25 +02:00
rustls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
schannel_int.h schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
schannel_verify.c schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
schannel.c schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
schannel.h schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
sectransp.c trace: make tracing available in non-debug builds 2023-08-03 17:32:25 +02:00
sectransp.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
vtls_int.h gskit: remove 2023-08-07 20:57:48 +02:00
vtls.c gskit: remove 2023-08-07 20:57:48 +02:00
vtls.h vtls: clarify "ALPN: offers" message 2023-08-01 08:16:14 +02:00
wolfssl.c crypto: ensure crypto initialization works 2023-08-08 10:44:01 +02:00
wolfssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
x509asn1.c gskit: remove 2023-08-07 20:57:48 +02:00
x509asn1.h gskit: remove 2023-08-07 20:57:48 +02:00