curl/lib/vtls
Stefan Eissing 43012cb3af
ssl session cache: add exportable flag
Give peers an `exportable` flag, set TRUE when sessions for this peer
should not be exported. This evaluates if the peer uses confidential
information (like srp username/password), a client certificate OR if the
"ssl_peer_key" contains relative paths.

When SSL is configured with paths for relevant components, like CA trust
anchors, an attempt is made to make this path absolute. When that does
not work or the infrastructure is not available, the peer key is marked
as *local*.

Exporting sessions based on relative paths may lead to confusion when
later imported in another execution context.

Closes #16322
2025-02-17 14:25:30 +01:00
..
.checksrc strparse: switch to curl_off_t as base data type 2025-02-15 21:58:48 +01:00
bearssl.c vtls: only remember the expiry timestamp in session cache 2024-12-30 16:14:52 +01:00
bearssl.h
cipher_suite.c lib: use bool/TRUE/FALSE properly 2024-10-03 09:31:56 +02:00
cipher_suite.h
gtls.c tidy-up: make per-file ARRAYSIZE macros global as CURL_ARRAYSIZE 2025-02-07 14:21:59 +01:00
gtls.h vtls: only remember the expiry timestamp in session cache 2024-12-30 16:14:52 +01:00
hostcheck.c
hostcheck.h
keylog.c lib: use bool/TRUE/FALSE properly 2024-10-03 09:31:56 +02:00
keylog.h
mbedtls_threadlock.c
mbedtls_threadlock.h
mbedtls.c all: remove FIXME and TODO comments 2025-02-10 14:44:06 +01:00
mbedtls.h
openssl.c openssl: remove bad gotos into other scope 2025-02-17 08:46:11 +01:00
openssl.h openssl: define HAVE_KEYLOG_CALLBACK before use 2025-01-28 11:15:10 +01:00
rustls.c vtls: remove 'detach/attach' functions from TLS handler struct 2024-12-18 15:52:03 +01:00
rustls.h
schannel_int.h schannel: fix TLS cert verification by IP SAN 2024-10-31 08:59:37 +01:00
schannel_verify.c tool_getpass: restore UWP getpass_r(), fixup CI builds, fix UWP -Wnull-dereference 2024-11-26 13:01:57 +01:00
schannel.c strparse: switch to curl_off_t as base data type 2025-02-15 21:58:48 +01:00
schannel.h msvc: add missing push/pop for warning pragmas 2025-01-27 20:59:47 +01:00
sectransp.c lib: use Curl_str_* instead of strtok_r() 2025-02-17 13:18:28 +01:00
sectransp.h
vtls_int.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
vtls_scache.c ssl session cache: add exportable flag 2025-02-17 14:25:30 +01:00
vtls_scache.h multihandle: add an ssl_scache here 2025-01-13 10:32:03 +01:00
vtls_spack.c vtls: feature ssls-export for SSL session im-/export 2025-01-08 23:32:07 +01:00
vtls_spack.h vtls: feature ssls-export for SSL session im-/export 2025-01-08 23:32:07 +01:00
vtls.c all: remove FIXME and TODO comments 2025-02-10 14:44:06 +01:00
vtls.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
wolfssl.c wolfssl: when using PQ KEM, use ML-KEM, not Kyber 2025-02-14 22:58:53 +01:00
wolfssl.h lib: TLS session ticket caching reworked 2024-12-20 14:59:23 +01:00
x509asn1.c tidy-up: delete, comment or scope C macros reported unused 2025-02-14 10:37:14 +01:00
x509asn1.h x509asn1: add parse recursion limit 2025-02-03 20:10:09 +01:00