#
9d32724c |
| 01-Nov-2024 |
Viktor Szakats |
certs: add missing `-CAcreateserial` option for LibreSSL Also: - display openssl path and version. - quote a string. Follow-up to 9b0c0d6ade052c46cf72d2fd43017bacb0ba07f6 #1
certs: add missing `-CAcreateserial` option for LibreSSL Also: - display openssl path and version. - quote a string. Follow-up to 9b0c0d6ade052c46cf72d2fd43017bacb0ba07f6 #15129 Closes #15471
show more ...
|
#
9b0c0d6a |
| 02-Oct-2024 |
Viktor Szakats |
tests: let openssl generate random cert serials Generate the certificate serial numbers automatically instead of doing from shell (or Perl earlier). Fixes intermittent CI failur
tests: let openssl generate random cert serials Generate the certificate serial numbers automatically instead of doing from shell (or Perl earlier). Fixes intermittent CI failures due to the shell-based random generator generating the same serial number twice: ``` $ openssl ca -config EdelCurlRoot-ca.cnf -revoke Server-localhost0h-sv.crt Using configuration from EdelCurlRoot-ca.cnf ERROR:Already revoked, serial number 66FDB23A make: *** [../../../tests/certs/Server-localhost0h-sv.pem] Error 1 ``` https://github.com/curl/curl/actions/runs/11151401083/job/30994755798?pr=15128#step:10:498 Follow-up to fa461b4eff52b413f88debf543b5350a6cef4724 #14486 Follow-up to fa69b41c7790fab86fd363242c81d8ef2e89e183 #13307 Closes #15129
show more ...
|
#
fa69b41c |
| 07-Apr-2024 |
Viktor Szakats |
GHA: add shellcheck job and fix warnings, shell tidy-ups Reviewed-by: Daniel Stenberg Closes #13307
|
#
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - save
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
show more ...
|
#
ef07452a |
| 23-Dec-2022 |
Paul Howarth |
tests: avoid use of sha1 in certificates The SHA-1 algorithm is deprecated (particularly for security-sensitive applications) in a variety of OS environments. This already affects RH
tests: avoid use of sha1 in certificates The SHA-1 algorithm is deprecated (particularly for security-sensitive applications) in a variety of OS environments. This already affects RHEL-9 and derivatives, which are not willing to use certificates using that algorithm. The fix is to use sha256 instead, which is already used for most of the other certificates in the test suite. Fixes #10135 This gets rid of issues related to sha1 signatures. Manual steps after "make clean-certs" and "make build-certs": - Copy tests/certs/stunnel-sv.pem to tests/stunnel.pem (make clean-certs does not remove the original tests/stunnel.pem) - Copy tests/certs/Server-localhost-sv.pubkey-pinned into --pinnedpubkey options of tests/data/test2041 and tests/data/test2087 Closes #10153
show more ...
|
#
f7029718 |
| 25-Nov-2022 |
Stefan Eissing |
tests: add authorityInfoAccess to generated certs Generate stunnel.pem as well Closes #9980
|
#
9178208a |
| 02-Sep-2022 |
Daniel Stenberg |
tests/certs/scripts: insert standard curl source headers ... including the SPDX-License-Identifier. These omissions were not detected by the RUEUSE CI job nor the copyright.pl s
tests/certs/scripts: insert standard curl source headers ... including the SPDX-License-Identifier. These omissions were not detected by the RUEUSE CI job nor the copyright.pl scanners because we have a general wildcard in .reuse/dep5 for "tests/certs/*". Reported-by: Samuel Henrique Fixes #9417 Closes #9420
show more ...
|
Revision tags: curl-7_76_1, curl-7_76_0, curl-7_75_0, curl-7_74_0, curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0 |
|
#
9a8b3b3e |
| 23-Mar-2020 |
Daniel Stenberg |
copyright: fix out-of-date copyright ranges and missing headers Reported by the new script 'scripts/copyright.pl'. The script has a regex whitelist for the files that don't need copyrigh
copyright: fix out-of-date copyright ranges and missing headers Reported by the new script 'scripts/copyright.pl'. The script has a regex whitelist for the files that don't need copyright headers. Removed three (mostly usesless) README files from docs/ Closes #5141
show more ...
|
Revision tags: curl-7_69_1, curl-7_69_0, curl-7_68_0, curl-7_67_0, curl-7_66_0, curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0, curl-7_64_1, curl-7_64_0, curl-7_63_0, curl-7_62_0 |
|
#
b801b453 |
| 23-Sep-2018 |
Viktor Szakats |
whitespace fixes - replace tabs with spaces where possible - remove line ending spaces - remove double/triple newlines at EOF - fix a non-UTF-8 character - cleanup a few inde
whitespace fixes - replace tabs with spaces where possible - remove line ending spaces - remove double/triple newlines at EOF - fix a non-UTF-8 character - cleanup a few indentations/line continuations in manual examples Closes https://github.com/curl/curl/pull/3037
show more ...
|
#
ba782baa |
| 19-Sep-2018 |
Daniel Stenberg |
certs: generate tests certs with sha256 digest algorithm As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs: "SSL certificate problem: CA signature digest algorithm too weak"
certs: generate tests certs with sha256 digest algorithm As OpenSSL 1.1.1 starts to complain and fail on sha1 CAs: "SSL certificate problem: CA signature digest algorithm too weak" Closes #3014
show more ...
|
Revision tags: curl-7_61_1, curl-7_61_0, curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0, curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0, curl-7_53_1, curl-7_53_0, curl-7_52_1, curl-7_52_0, curl-7_51_0, curl-7_50_3, curl-7_50_2, curl-7_50_1, curl-7_50_0, curl-7_49_1, curl-7_49_0, curl-7_48_0, curl-7_47_1, curl-7_47_0, curl-7_46_0, curl-7_45_0, curl-7_44_0, curl-7_43_0, curl-7_42_1, curl-7_42_0 |
|
#
38c304a5 |
| 21-Mar-2015 |
Dan Fandrich |
tests/certs: added make target to rebuild certificates The certificate generation scripts were also updated to better match the format of the certificates currently checked in.
|
Revision tags: curl-7_41_0, curl-7_40_0, curl-7_39_0, curl-7_38_0, curl-7_37_1, curl-7_37_0, curl-7_36_0, curl-7_35_0, curl-7_34_0, curl-7_33_0, curl-7_32_0, curl-7_31_0, curl-7_30_0, curl-7_29_0, curl-7_28_1, curl-7_28_0, curl-7_27_0, curl-7_26_0, curl-7_25_0, curl-7_24_0, curl-7_23_1, curl-7_23_0, curl-7_22_0, curl-7_21_7, curl-7_21_6, curl-7_21_5, curl-7_21_4, curl-7_21_3, curl-7_21_2, curl-7_21_1, curl-7_21_0 |
|
#
645bdd83 |
| 27-May-2010 |
Kamil Dudka |
tests/certs/scripts: generate also CRL ... and make it possible to do so without any user interaction
|
Revision tags: curl-7_20_1 |
|
#
a07bc791 |
| 14-Feb-2010 |
Yang Tse |
removed trailing whitespace
|
Revision tags: curl-7_20_0, curl-7_19_7, curl-7_19_6 |
|
#
e73fe837 |
| 11-Aug-2009 |
Daniel Stenberg |
- Peter Sylvester made the HTTPS test server use specific certificates for each test, so that the test suite can now be used to actually test the verification of cert names etc. This made
- Peter Sylvester made the HTTPS test server use specific certificates for each test, so that the test suite can now be used to actually test the verification of cert names etc. This made an error show up in the OpenSSL- specific code where it would attempt to match the CN field even if a subjectAltName exists that doesn't match. This is now fixed and verified in test 311.
show more ...
|