generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-07-02 00:43:27 +02:00
Code Issues Projects Releases Wiki Activity
5,965 Commits 159 Branches 73 Tags
Commit Graph

123 Commits

Author SHA1 Message Date
Günter Obiltschnig
27335031e1 fixed GH #2380: Calling Poco::Net::X509Certificate::addChainCertificate() leads to double free. 2019-06-22 18:11:05 +02:00
Günter Obiltschnig
ec8ea48062 SecureSMTPClientSession now uses _host from SMTPClientSession 2019-05-16 14:35:19 +02:00
Günter Obiltschnig
6000982c8b added preliminary TLSv1.3 support with OpenSSL version 1.1.1 2018-08-24 10:47:05 +02:00
proller
bada9ed2b9 Backport #2257 to Poco 1.9.1 2018-08-18 11:09:43 +02:00
Joerg-Christian Boehme
5fb10f6746 Set EVP private key on SSL context (#2259) 2018-06-03 11:27:32 -05:00
Günter Obiltschnig
8dc4223acb X509Certificate::verify(): use OpenSSL X509_check_host() and X509_check_ip_asc() if available 2018-03-05 22:17:31 +01:00
Günter Obiltschnig
451f05121e #2197: fix style 2018-03-05 22:15:39 +01:00
Günter Obiltschnig
38c9328db6 fix style 2018-03-05 19:54:01 +01:00
Joerg-Christian Boehme
4c05d4baf7 Improve ssl context, include a function to add CA certificates. 2018-03-05 13:37:45 +01:00
Günter Obiltschnig
320fa9c445 don't set _peerHostName from peerAddress 2017-12-21 14:32:08 +01:00
Günter Obiltschnig
04e7e04d4d Remove \$Id`$ headers 2017-09-09 11:14:06 +02:00
Günter Obiltschnig
75a7ee4b0f Crypto and NetSSL fixes for OpenSSL 1.1 2016-11-27 23:58:39 +01:00
Guenter Obiltschnig
3bd6689751 fixed GH #1472: HTTP(S)StreamFactory should send a User-Agent header 2016-10-26 12:58:52 +02:00
Guenter Obiltschnig
9bc12df4a2 style fix 2016-09-26 17:00:42 +02:00
Guenter Obiltschnig
7c37f18f84 fixed some warnings and minor issues detected by clang-analyzer 2016-09-13 11:37:12 +02:00
Guenter Obiltschnig
0b30bacb41 fixed GH #1303: HTTPSClientSession::sendRequest() fails if server has wildcard cert 2016-07-03 12:48:15 +02:00
Guenter Obiltschnig
d0e268fcbb use TLS_*_method() instead of deprecated SSLv23_*_method() if OpenSSL version is >= 1.1; initialize default/fallback client context to support all TLS protocols, not just TLSv1 2016-03-12 12:18:18 +01:00
Guenter Obiltschnig
ee9477afd3 fixed GH# 1184: Attempting to connect via a proxy throws a DNS error "Host not found" 2016-03-10 09:54:08 +01:00
Guenter Obiltschnig
f7ba58c80f fix for GH #1160: Poco::Net::NetException "SSL Exception: error:1409F07F:SSL routines:ssl3_write_pending:bad write retry 2016-02-26 20:15:58 +01:00
Guenter Obiltschnig
dee1efd56a added Context::preferServerCiphers() 2016-01-19 16:01:17 +01:00
Guenter Obiltschnig
82c6c5f149 added support for ECDH, new Context ctor 2016-01-19 15:19:14 +01:00
Guenter Obiltschnig
e9b2b3bcdd NetSSL: add support for disabling certain protocols 2016-01-19 11:36:02 +01:00
Guenter Obiltschnig
b124d5b392 merged doc fixes from develop branch 2015-10-10 17:32:31 +02:00
Guenter Obiltschnig
ef3946786a improved SSLManager to automatically set-up a reasonable client Context if none is configured 2015-10-06 09:41:31 +02:00
Guenter Obiltschnig
89816c0ea2 HTTPSessionInstantiator: respect global proxy config 2015-09-17 11:56:28 +02:00
Guenter Obiltschnig
3b31772717 fixed comments 2014-11-21 09:05:25 +01:00
Guenter Obiltschnig
781acfa0bd added nonProxyHosts to ProxyConfig to allow bypassing proxy for certain hosts 2014-11-11 22:54:44 +01:00
Guenter Obiltschnig
420c3b55a7 added support for global HTTP proxy configuration 2014-11-09 17:22:10 +01:00
Guenter Obiltschnig
558091d53f fixed a memory leak if the CA file was not found while creating the Context (the OpenSSL context would leak) 2014-10-18 17:22:07 +02:00
Guenter Obiltschnig
84adc737d4 - don't throw if SSL client unexpectedly closes connection as this seems to be the normal behavior of web browsers (seen with Chrome and IE) 2014-10-02 14:58:45 +02:00
Günter Obiltschnig
a2617235fe #538 more dtor fixes and some style fixes along the way 2014-09-29 12:09:01 +02:00
Guenter Obiltschnig
544229302e #538 prevent destructors from throwing exceptions 2014-09-19 09:46:49 +02:00
Guenter Obiltschnig
a56c21a250 style cleanup 2014-09-17 11:46:31 +02:00
Rangell Reale
21f2e115eb * Allows SecureStreamSocket::attach to be used in server connections 
* Move order of condition for isLocalHost in peer certificate verification, to skip DNS lookup if not needed
 2014-09-12 16:43:52 -03:00
Günter Obiltschnig
a4488f2f76 fixed server context initialization 2014-09-03 11:26:09 +02:00
Guenter Obiltschnig
1a81dbef15 enabled TLSv1.1 and 1.2 support in configuration 2014-09-02 18:54:12 +02:00
Guenter Obiltschnig
3f1e2c002a added support for TLSv1.1 and TLSv1.2 to Context 2014-09-02 17:30:02 +02:00
Guenter Obiltschnig
16ef87e6c8 added support for TLSv1.1 and TLSv1.2 to Context 2014-09-02 17:23:47 +02:00
Oldřich Jedlička
f4465ea1e3 Catch also NoAddressFoundException from DNS. 
The certificate validation might fail on NoAddressFoundException - if the
hostname from certificate could not be translated to IP address.
 2014-06-09 10:11:53 +02:00
Roger Meier
b0581433a7 LICENSE: add info about SPDX-License-Identifier usage and use it 
fix: remove executable flag and change back to 100644 (was 100755)

Signed-off-by: Roger Meier <r.meier@siemens.com>
 2014-05-14 08:38:09 +02:00
Guenter Obiltschnig
2341a1d236 SecureSMTPClientSession bugfix: save hostname for cert validation 2014-05-12 16:01:56 +02:00
Roger Meier
628a06f718 LICENSE: add info about SPDX-License-Identifier usage and use it 
Signed-off-by: Roger Meier <roger@bufferoverflow.ch>
 2014-05-04 21:02:42 +02:00
Guenter Obiltschnig
f764673c61 cert hostname validation is case insensitive and stricter for wildcard certificates 2014-04-09 17:05:54 +02:00
Guenter Obiltschnig
436737171d Poco::Net::X509Certificate::verify() no longer uses DNS reverse lookups to validate host names 2014-04-09 16:36:14 +02:00
Guenter Obiltschnig
3838d665a0 improved error handling, specifically socket timeouts 2013-12-13 12:36:24 +01:00
Guenter Obiltschnig
8f07db4aa3 various fixes - see CHANGELOG 2013-11-14 21:54:41 +01:00
Guenter Obiltschnig
981b0a1ae4 fixed GH# 251: HTTPStreamFactory::unregisterFactory missing implementation? 2013-08-02 18:07:36 +02:00
Guenter Obiltschnig
476a7e4f31 fixed a potential endless loop in SecureStreamSocketImpl::sendBytes() 
and also removed unnecessary code
 2013-05-25 00:07:27 +02:00
Alex
ed24d96dda edited for coding standard compliance 2013-01-16 23:14:34 -06:00
Henrique Magarotto
f269e1ca23 ssl & unclean shutdown response 2013-01-15 17:58:10 -02:00