Commit graph

44 commits

Author SHA1 Message Date
Paul Beckingham
5110a83efa Cleanup: Corrected object initialization using {} 2015-10-16 08:22:03 -04:00
Paul Beckingham
5f9a543b1b TLS: Diagnostics
- When a certificate fails validation, display the full set of reasons, in
  debug mode.
2015-04-26 20:52:34 -04:00
Paul Beckingham
75775786e6 TLS: Fixed version conditional
- The call to gnutls_certificate_verification_status_print was protected by an
  #ifdef which had the wrong GnuTLS version number.
2015-04-26 20:51:46 -04:00
Paul Beckingham
caa8c8e884 TLS: Fixed cert verification bug
- When a cert was unreadable, instead of exiting verification with a value of
  GNUTLS_E_CERTIFICATE_ERROR, the value was assigned to 'status', which has
  different semantics.
2015-04-26 20:51:08 -04:00
Paul Beckingham
b7ad091d00 Updated copyright to 2015 2015-01-01 00:00:41 -05:00
Paul Beckingham
2c6b3b3991 TD-79
- TD-79 Bad error message for wrong hostname configuration (thanks to Jens
        Erat).
2014-10-23 22:46:50 -04:00
Paul Beckingham
1a1bda18ce TLSClient
- Rearranged includes, now matches taskd.
2014-09-18 22:28:47 -04:00
Paul Beckingham
748ca4896f TLS
- Added many more diagnostics for when GnuTLS calls fail.
- Fixed bug whereby hostname verification failed no matter what.
2014-09-16 00:02:18 -04:00
Paul Beckingham
01d96c25c4 TLS Errors
- Added TLS error to output during client init.
2014-09-15 17:02:52 -04:00
atomicules
7c6618e50a TLSServer/Client need to include <errno.h> on NetBSD
Same fix applied as per Solaris. See TD-55 and
c60ec0b6ee
2014-08-23 12:05:00 -04:00
Paul Beckingham
c60ec0b6ee TD-55
- TD-55 TLSServer/Client need to include <errno.h> on Solaris (thanks to Tatjana
        Heuser).
2014-05-23 16:23:51 -04:00
Paul Beckingham
7f3e42e4e1 TLS
- Reworded error messages for bad PEM files (thanks to catern).
2014-05-12 22:04:01 -04:00
Paul Beckingham
ea6ff48d58 Portability
- Attempt 4 to eliminate build warning without causing problems.
2014-05-11 10:44:51 -04:00
Paul Beckingham
325d0d1738 Documentation
- Mentioned the hostname verification.
2014-04-05 10:37:53 -04:00
Alexander Sulfrian
7fb1487993 TLSClient: add hostname verification
The CN or subjectAltNames of the TLS certification is now matched with
the hostname connected to.

taskd.trust is now a tristate value (allow all, ignore hostname,
strict) to optionally disable the new hostname verification.
2014-03-22 13:17:40 -04:00
Alexander Sulfrian
fdcc04d13e TLSClient: add verify_certificate as member function
Certificate verification is now done in a member function of the
TLSClient, so that the member variables could be accessed.
2014-03-22 12:55:06 -04:00
Paul Beckingham
40dd95ddfb Code Cleanup
- Removed debugging and redundant code.
- Removed socket cast.
- Added diagnostic message on handshake fail.
2014-03-17 18:45:02 -04:00
Alexander Sulfrian
88b94ac2fc TLSClient: do certification verification with old gnutls
The automatic verification for the server certificate with
gnutls_certificate_set_verify_function only works with gnutls
>=2.9.10. So with older versions we should call the verify function
manually after the gnutls handshake.

Signed-off-by: Paul Beckingham <paul@beckingham.net>
2014-03-17 14:38:42 -04:00
Marton Suranyi
c7ebe6b3e2 iBug #1511
- #1511 sync init crashes if client certification file is empty or invalid
        (thanks to Marton Suranyi).

Signed-off-by: Paul Beckingham <paul@beckingham.net>
2014-01-31 09:00:28 -05:00
Paul Beckingham
341c2fb474 Bug
- Removed debugging code.
2014-01-15 23:19:41 -05:00
Paul Beckingham
8ed92ca498 Copyright
- Bumped copyright to 2014, ready for release.
2014-01-01 13:32:22 -05:00
Paul Beckingham
0df30a5be0 Sync
- Default TLS cipher selection, with override (thanks to Zed Jorarard).
- Updated documentation.
2013-11-16 15:07:45 -05:00
Paul Beckingham
7fa3f71575 TLS
- Connected code paths to use CA or trust.
2013-11-03 12:51:13 -05:00
Paul Beckingham
ef6153334a Merge branch '2.3.0' of tasktools.org:task into 2.3.0 2013-10-31 19:18:23 -04:00
Paul Beckingham
9a7752b07a Portability
- Fixed OpenBSD build error (thanks to Aaron Bieber).
2013-10-31 19:17:06 -04:00
Paul Beckingham
9dbad51062 Portability
- Added version-specific GnuTLS calls.
2013-10-30 23:51:07 -04:00
Paul Beckingham
169cc7b5cb Code Cleanup
- Removed unused header.
- Added ctor initialization.
- Removed misleading comment.
2013-10-30 00:20:38 -04:00
Paul Beckingham
517e48506e TLS
- Corrected ::recv error handling.
2013-10-29 23:05:21 -04:00
Paul Beckingham
b77ac4114c Certificates
- Added feedback from GnuTLS to the handshake diagnostic message.
2013-10-29 23:04:48 -04:00
Paul Beckingham
1725460728 Certificates
- Stores the socket in the session.
2013-10-29 23:04:12 -04:00
Paul Beckingham
7c08ce749f Certificates
- Stores the host name in the session, for handshake validation.
2013-10-29 23:03:21 -04:00
Paul Beckingham
eda9ac56da Certificates
- Added certificate verification callback.
2013-10-29 23:02:32 -04:00
Paul Beckingham
5a0dfa634c Certificates
- Implemented TLSClient::trust, which overrides certificate validation.
2013-10-29 22:59:04 -04:00
Paul Beckingham
6fc065e03e Certificates
- CA is now checked for existence before use.
- Error messages no longer have 'ERROR:' prepended.
2013-09-16 00:06:49 -04:00
Paul Beckingham
2a5bf05590 TLS
- Error strings were being constructed incorrectly.
- Client-side handshake errors were treated as recoverable.
- TLS errors were being displayed as debug messages, not errors.
2013-09-15 01:55:03 -04:00
Paul Beckingham
779e32540a Portability
- Included the wrong errno.h (thanks to natano).
2013-07-20 09:17:19 -04:00
Paul Beckingham
11051fbf61 Build
- Eliminated build warnings.
2013-06-09 00:55:18 -04:00
Paul Beckingham
8e5b57954d TLS
- Fixed loop termination bug.
- Chose a better default buffer size.
2013-06-08 23:34:06 -04:00
Paul Beckingham
00f8f56c00 TLS
- Associated debugging output with log level > 0.
- Fixed bug where TLSClient::_limit was uninitialized.
2013-05-19 20:04:19 -04:00
Paul Beckingham
adf374eb06 Build Warnings
- Eliminated warnings in TLS code.
2013-05-15 00:44:52 -04:00
Paul Beckingham
39228808eb Build Error
- More missing/wrong includes.
2013-05-12 15:43:03 -04:00
Paul Beckingham
2db34640a6 Build Error
- Missing include.
2013-05-12 12:19:36 -04:00
Paul Beckingham
dcc9554da8 Build Errors
- Added missing includes.
2013-05-12 12:15:15 -04:00
Paul Beckingham
1e9fb8eebc Sync
- Implemented sync over TLS.
- Obsoleted the Socket code, replacing it with TLSClient, TLSServer.
- Added task server details to the 'diagnostics' command output.
- 'rc.debug.tls' controls the GnuTLS log level.
- Removed redundant cmake diagnostics.
2013-05-12 01:05:58 -04:00
Renamed from src/Socket.cpp