Skip to content
  1. Dec 19, 2016
    • Dan McNulty's avatar
      schannel: fix wildcard cert name validation on Win CE · 0354eed4
      Dan McNulty authored
      Fixes a few issues in manual wildcard cert name validation in
      schannel support code for Win32 CE:
      - when comparing the wildcard name to the hostname, the wildcard
        character was removed from the cert name and the hostname
        was checked to see if it ended with the modified cert name.
        This allowed cert names like *.com to match the connection
        hostname. This violates recommendations from RFC 6125.
      - when the wildcard name in the certificate is longer than the
        connection hostname, a buffer overread of the connection
        hostname buffer would occur during the comparison of the
        certificate name and the connection hostname.
      0354eed4
    • Daniel Stenberg's avatar
      printf: fix floating point buffer overflow issues · 3ab3c16d
      Daniel Stenberg authored
      ... and add a bunch of floating point printf tests
      3ab3c16d
  2. Dec 18, 2016
  3. Dec 17, 2016
  4. Dec 16, 2016
  5. Dec 15, 2016
  6. Dec 14, 2016
  7. Dec 13, 2016
  8. Dec 11, 2016
  9. Dec 08, 2016
  10. Dec 07, 2016
    • Adam Langley's avatar
      openssl: don't use OpenSSL's ERR_PACK. · 71a55534
      Adam Langley authored
      ERR_PACK is an internal detail of OpenSSL. Also, when using it, a
      function name must be specified which is overly specific: the test will
      break whenever OpenSSL internally change things so that a different
      function creates the error.
      
      Closes #1157
      71a55534
  11. Dec 05, 2016
  12. Dec 03, 2016
  13. Dec 02, 2016