mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-02-11 14:50:40 +08:00
Code Issues Packages Projects Releases Wiki Activity
23c3f81ed7
curl/lib/vtls
History
Nathan Moinvaziri f6700c744b schannel: fix ordering of cert chain info 
- Use CERT_CONTEXT's pbCertEncoded to determine chain order.

CERT_CONTEXT from SECPKG_ATTR_REMOTE_CERT_CONTEXT contains
end-entity/server certificate in pbCertEncoded. We can use this pointer
to determine the order of certificates when enumerating hCertStore using
CertEnumCertificatesInStore.

This change is to help ensure that the ordering of the certificate chain
requested by the user via CURLINFO_CERTINFO has the same ordering on all
versions of Windows.

Prior to this change Schannel certificate order was reversed in 8986df80
but that was later reverted in f540a39b when it was discovered that
Windows 11 22H2 does the reversal on its own.

Ref: https://github.com/curl/curl/issues/9706

Closes https://github.com/curl/curl/pull/11632
2023-09-08 03:47:13 -04:00
..
bearssl.c spelling: use 'reuse' not 're-use' in code and elsewhere 2023-08-23 23:22:36 +02:00
bearssl.h
gtls.c spelling: use 'reuse' not 're-use' in code and elsewhere 2023-08-23 23:22:36 +02:00
gtls.h
hostcheck.c gskit: remove 2023-08-07 20:57:48 +02:00
hostcheck.h
keylog.c
keylog.h
mbedtls_threadlock.c
mbedtls_threadlock.h
mbedtls.c spelling: use 'reuse' not 're-use' in code and elsewhere 2023-08-23 23:22:36 +02:00
mbedtls.h
openssl.c openssl: when CURLOPT_SSL_CTX_FUNCTION is registered, init x509 store before 2023-09-07 16:18:48 +02:00
openssl.h
rustls.c trace: make tracing available in non-debug builds 2023-08-03 17:32:25 +02:00
rustls.h
schannel_int.h schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
schannel_verify.c schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
schannel.c schannel: fix ordering of cert chain info 2023-09-08 03:47:13 -04:00
schannel.h schannel: verify hostname independent of verify cert 2023-08-11 12:27:18 -04:00
sectransp.c sectransp: fix compiler warnings 2023-08-31 23:02:43 +00:00
sectransp.h
vtls_int.h gskit: remove 2023-08-07 20:57:48 +02:00
vtls.c spelling: use 'reuse' not 're-use' in code and elsewhere 2023-08-23 23:22:36 +02:00
vtls.h vtls: clarify "ALPN: offers" message 2023-08-01 08:16:14 +02:00
wolfssl.c http2: polish things around POST 2023-09-04 19:48:49 +02:00
wolfssl.h
x509asn1.c gskit: remove 2023-08-07 20:57:48 +02:00
x509asn1.h gskit: remove 2023-08-07 20:57:48 +02:00