luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73f62acaa2
curl/lib/vtls
History
Justin Maggard 88cae14550
mbedtls: add more informative logging 
After TLS handshare, indicate which TLS version was negotiated in
addition to the cipher in the handshake completed log message.

Also use the verify callback for certificate logging and collection.
This allows things to work even when MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
is disabled in the mbedtls library.

And lastly, catch certificate validation errors later so we can give the
user more informative error messages that indicate what the failure was
from certificate validation.

Tested on both current LTS versions (2.28 and 3.6).

Closes #14444
2024-08-17 10:57:45 +02:00
..
bearssl.c spnego_gssapi: implement TLS channel bindings for openssl 2024-08-12 19:16:54 +02:00
bearssl.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
cipher_suite.c rustls: add support for setting TLS version and ciphers 2024-08-16 09:55:02 +02:00
cipher_suite.h rustls: add support for setting TLS version and ciphers 2024-08-16 09:55:02 +02:00
gtls.c gnutls/wolfssl: improve error message when certificate fails 2024-08-14 11:47:01 +02:00
gtls.h connection: shutdown TLS (for FTP) better 2024-06-10 13:08:12 +02:00
hostcheck.c code: language cleanup in comments 2024-07-01 22:58:55 +02:00
hostcheck.h code: language cleanup in comments 2024-07-01 22:58:55 +02:00
keylog.c tls: use shared init code for TCP+QUIC 2024-04-09 09:08:05 +02:00
keylog.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
mbedtls_threadlock.c mbedtls: properly cleanup the thread-shared entropy 2024-03-12 03:09:37 -04:00
mbedtls_threadlock.h tidy-up: one comment and EOF newlines 2024-03-12 15:38:44 +00:00
mbedtls.c mbedtls: add more informative logging 2024-08-17 10:57:45 +02:00
mbedtls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
openssl.c vtls: fix static function name collisions between TLS backends 2024-08-13 09:28:27 +02:00
openssl.h openssl: stop duplicate ssl key logging for legacy OpenSSL 2024-05-24 15:22:53 -04:00
rustls.c rustls: add support for setting TLS version and ciphers 2024-08-16 09:55:02 +02:00
rustls.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
schannel_int.h code: language cleanup in comments 2024-07-01 22:58:55 +02:00
schannel_verify.c tidy-up: misc spelling (bit, ASCII) 2024-08-15 15:30:09 +02:00
schannel.c spnego_gssapi: implement TLS channel bindings for openssl 2024-08-12 19:16:54 +02:00
schannel.h build: do not publish HAVE_BORINGSSL, HAVE_AWSLC macros 2023-10-08 22:29:45 +00:00
sectransp.c vtls: fix static function name collisions between TLS backends 2024-08-13 09:28:27 +02:00
sectransp.h copyright: update all copyright lines and remove year ranges 2023-01-03 09:19:21 +01:00
vtls_int.h spnego_gssapi: implement TLS channel bindings for openssl 2024-08-12 19:16:54 +02:00
vtls.c spnego_gssapi: implement TLS channel bindings for openssl 2024-08-12 19:16:54 +02:00
vtls.h spnego_gssapi: implement TLS channel bindings for openssl 2024-08-12 19:16:54 +02:00
wolfssl.c gnutls/wolfssl: improve error message when certificate fails 2024-08-14 11:47:01 +02:00
wolfssl.h wolfssl: improve shutdown handling 2024-08-05 08:49:20 +02:00
x509asn1.c x509asn1: raise size limit for x509 certification information 2024-08-02 23:20:57 +02:00
x509asn1.h x509asn1: unittests and fixes for gtime2str 2024-07-30 23:08:59 +02:00