[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 157/163: TODO: Configurable loading of OpenSSL conf
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 157/163: TODO: Configurable loading of OpenSSL configuration file |
Date: |
Sun, 05 Aug 2018 12:38:03 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit d3bd7cb388f631c16a35c1c631f0dbd0879389fc
Author: Daniel Stenberg <address@hidden>
AuthorDate: Tue Jul 10 10:57:20 2018 +0200
TODO: Configurable loading of OpenSSL configuration file
Closes #2724
---
docs/TODO | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/docs/TODO b/docs/TODO
index cea637868..269c93006 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -112,6 +112,7 @@
13.6 Provide callback for cert verification
13.7 improve configure --with-ssl
13.8 Support DANE
+ 13.9 Configurable loading of OpenSSL configuration file
13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
13.12 Support HSTS
13.13 Support HPKP
@@ -767,6 +768,17 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
Björn Stenberg wrote a separate initial take on DANE that was never
completed.
+13.9 Configurable loading of OpenSSL configuration file
+
+ libcurl calls the OpenSSL function CONF_modules_load_file() in openssl.c,
+ Curl_ossl_init(). "We regard any changes in the OpenSSL configuration as a
+ security risk or at least as unnecessary."
+
+ Please add a configuration switch or something similar to disable the
+ CONF_modules_load_file() call.
+
+ See https://github.com/curl/curl/issues/2724
+
13.11 Support intermediate & root pinning for PINNEDPUBLICKEY
CURLOPT_PINNEDPUBLICKEY does not consider the hashes of intermediate & root
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 92/163: KNOWN_BUGS: NTLM doen't support password with § character, (continued)
- [GNUnet-SVN] [gnurl] 92/163: KNOWN_BUGS: NTLM doen't support password with § character, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 94/163: configure: use pkg-config for c-ares detection, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 98/163: RELEASE-NOTES: synced, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 93/163: GOVERNANCE.md: explains how this project is run, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 101/163: curl-confopts.m4: fix typo from ed224f23d5beb, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 153/163: lib/curl_setup.h: remove unicode bom from 8272ec50f02, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 134/163: DEPRECATE: mention the PR that disabled axTLS, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 133/163: docs/DEPRECATE.md: spelling and minor formatting, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 143/163: CMake: Remove unused functions, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 154/163: lib/curl_setup.h: remove unicode character, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 157/163: TODO: Configurable loading of OpenSSL configuration file,
gnunet <=
- [GNUnet-SVN] [gnurl] 114/163: CURLOPT_SSL_VERIFYPEER.3: fix syntax mistake, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 117/163: url: check Curl_conncache_add_conn return code, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 144/163: CMake: Remove unused 'output_var' from 'collect_true', gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 129/163: openssl: Remove some dead code, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 150/163: schannel: make more cipher options conditional, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 162/163: gnurl: rename CURLINFO and CURLOPT section 3 manpages post-merge, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 124/163: travis: add a build using the synchronous name resolver, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 138/163: example/crawler.c: simple crawler based on libxml2, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 132/163: DEPRECATE: new doc describing planned item removals, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 135/163: DEPRECATE: linkified, gnunet, 2018/08/05