86 Commits

Author SHA1 Message Date
Jan Palus
d541e0da65 TLSClient: fix multiple issues with error handling
- do not check errno on successful function calls (it might not be
  cleared after previous failed one)
- GNUTLS_E_* are not passed through errno but as function return value
- therefore there's more error spectrum than -1
- do not assume whole header is received, check number of bytes fetched

small additional improvements:
- read as many bytes into buffer as possible before appending to data
- skip writing nul byte at the end of buffer and use append() instead
- additional sanity checks
2022-02-11 00:19:04 -05:00
Leo
57680f5bde Unconditionally include errno.h instead of guessing
POSIX tells us that it is errno.h, musl fails to build with -Werror
because it redirects sys/errno.h->errno.h and uses #warning

(cherry picked from commit 041248e7cc)
2021-10-02 21:30:40 -04:00
Tomas Babej
0bc92d6115 meta: Adjust copyright headers 2021-09-05 12:02:07 -04:00
begasus
4fff27f4bc Fix reference for errno.h on Haiku 2021-05-14 00:04:48 -04:00
Tomas Babej
9017cd6e53 doc: Update copyright to 2021 2021-01-02 02:48:22 -05:00
Paul Beckingham
3e0a428185 Revert "[clang-tidy] Use .empty instead of comparing size"
This reverts commit a331cceded.
2020-12-05 16:18:37 -05:00
Paul Beckingham
5502729131 Revert "[clang-tidy] Switch C headers to C++ ones"
This reverts commit 0344856d65.
2020-12-05 16:18:37 -05:00
Paul Beckingham
c43a513158 Revert "[clang-tidy] Replace C style casts with C++ ones"
This reverts commit 13e1bf7204.
2020-12-05 16:18:37 -05:00
Rosen Penev
13e1bf7204 [clang-tidy] Replace C style casts with C++ ones
Found with google-readability-casting

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-05 15:03:43 -05:00
Rosen Penev
0344856d65 [clang-tidy] Switch C headers to C++ ones
Found using modernize-return-braced-init-list

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-05 15:03:43 -05:00
Rosen Penev
a331cceded [clang-tidy] Use .empty instead of comparing size
Found with readability-container-size-empty

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-05 15:03:43 -05:00
Tomas Babej
a09f9d48ab Update copyright to 2020 2020-11-21 12:27:05 -05:00
Tomas Babej
8066e4e6e2 meta: Update copyright year 2019-01-01 08:46:21 -05:00
Kirill Bobyrev
5cdbe6d019 Use nullptr instead of C-styled NULL 2018-03-07 22:21:28 +03:00
Simon Ruderich
e817dfc800 Always use https:// link for opensource.org
It was already used in a few places, make this consistent.
2018-03-04 14:53:07 +01:00
Paul Beckingham
0de169bb10 Copyright 2018 2017-12-31 19:22:07 -05:00
Paul Beckingham
88ef997d6a Reapplying include removal without libshared update 2017-05-08 17:47:36 -04:00
Paul Beckingham
dbfe220499 Revert "TLSClient: Remove double include"
This reverts commit 2321c17d8d.
2017-05-08 17:33:44 -04:00
Tomas Babej
2321c17d8d TLSClient: Remove double include 2017-05-08 21:59:03 +02:00
Tomas Babej
282c59a394 TLSClient: Improve diagnostics
Task now correctly distinguishes the situation where CA file is present,
but not valid in some sense (empty file, not valid PEM, ..). In this
case the gnutls_certificate_set_x509_trust_file returns 0, as the number
of certificates detected in the file.

The method returns negative numbers for other errors, such as the CA
file itself missing.

Also clarify that when validating client cert/key pair, each of them can
be the source of the problem, not only the client certificate file.
2017-02-18 20:43:21 +01:00
Tomas Babej
66328f97b5 TLSClient: Respect 'allow all' and 'ignore hostname' trust settings 2017-02-18 20:21:42 +01:00
Tomas Babej
a4a704fd37 style: Remove doubled spaces in the error message 2017-02-18 20:20:37 +01:00
Tomas Babej
8c1d625a54 TLSClient: Free error data after extracting error message 2017-02-18 20:19:03 +01:00
Paul Beckingham
39f8e7528e TLS: Now uses SNI 2017-02-11 13:51:02 -05:00
Paul Beckingham
c79ed7cf4c TLSClient: Removed test code 2017-02-09 01:47:54 +01:00
Paul Beckingham
d8227a8439 TLSClient: Typo 2017-02-09 01:45:05 +01:00
Paul Beckingham
0432b9090a TLS: Aligned source with Taskserver 2017-01-10 22:14:51 -05:00
Paul Beckingham
a50e65a134 Copyright update 2017-01-01 12:30:04 -05:00
Paul Beckingham
a7465d58d7 TW-1855: "Well-known" CA certificates not properly auto-loaded
- Thanks to Flavio Poletti.
2016-12-19 12:16:22 -05:00
Paul Beckingham
85eb32c87d TLSClient: Added GnuTLS 3.4.6 API support
- This greatly simplifies cert validation.
2016-12-19 12:01:01 -05:00
Paul Beckingham
00a7b377cc TLSClient: Corrected version number for API call 2016-12-19 11:59:24 -05:00
Paul Beckingham
efdf0ca4dd TLSClient: Added handshake timeout 2016-12-19 11:58:33 -05:00
Paul Beckingham
6d3af50604 TLSClient: Commented possible need for version protection 2016-12-19 11:57:24 -05:00
Paul Beckingham
e717d13802 TLSClient: Labelled GnuTLS calls with version numbers 2016-12-19 11:56:47 -05:00
Paul Beckingham
355620c640 libshared: migrating from local to libshared 2016-12-06 07:20:45 -05:00
Paul Beckingham
54c0717cdb TLSClient: Improved C++ core guidelines 2016-11-19 13:12:07 -05:00
Paul Beckingham
08bbf9aa20 TLSClient: Improved C++ Core Guidelines compliance 2016-11-06 01:05:14 -04:00
Paul Beckingham
688d6b658b TLSClient: No longer calls gnutls_global_{de,}init for 3.3.0+ 2016-11-06 01:04:36 -04:00
Paul Beckingham
95f4989f77 Cleanup: Don't use string literals when character literals are needed 2016-10-14 22:27:34 -04:00
Paul Beckingham
641d232dea Copyright: Updated to 2016 2015-12-31 15:06:43 -05:00
Paul Beckingham
1407e0410e TLSClient: Added more diagnostics in debug mode 2015-11-08 17:03:35 -05:00
Paul Beckingham
5c8b7148b4 Task: Moved include to top of list, per flint++ recommendation 2015-11-01 19:59:10 -05:00
Paul Beckingham
5110a83efa Cleanup: Corrected object initialization using {} 2015-10-16 08:22:03 -04:00
Paul Beckingham
5f9a543b1b TLS: Diagnostics
- When a certificate fails validation, display the full set of reasons, in
  debug mode.
2015-04-26 20:52:34 -04:00
Paul Beckingham
75775786e6 TLS: Fixed version conditional
- The call to gnutls_certificate_verification_status_print was protected by an
  #ifdef which had the wrong GnuTLS version number.
2015-04-26 20:51:46 -04:00
Paul Beckingham
caa8c8e884 TLS: Fixed cert verification bug
- When a cert was unreadable, instead of exiting verification with a value of
  GNUTLS_E_CERTIFICATE_ERROR, the value was assigned to 'status', which has
  different semantics.
2015-04-26 20:51:08 -04:00
Paul Beckingham
b7ad091d00 Updated copyright to 2015 2015-01-01 00:00:41 -05:00
Paul Beckingham
2c6b3b3991 TD-79
- TD-79 Bad error message for wrong hostname configuration (thanks to Jens
        Erat).
2014-10-23 22:46:50 -04:00
Paul Beckingham
1a1bda18ce TLSClient
- Rearranged includes, now matches taskd.
2014-09-18 22:28:47 -04:00
Paul Beckingham
748ca4896f TLS
- Added many more diagnostics for when GnuTLS calls fail.
- Fixed bug whereby hostname verification failed no matter what.
2014-09-16 00:02:18 -04:00