[svn] Don't rewrite "https://host" to "ftp://https//host" when SSL is not used.

[wget] / src / ChangeLog

diff --git a/src/ChangeLog b/src/ChangeLog
index 2991a9eb1c620d8929914923b65cd0f7b570c619..73f91bbe20d28cfb4b2cae43601ebef0afedbd81 100644 (file)
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,39 @@
+2005-05-12  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * url.c (rewrite_shorthand_url): Don't rewrite "https://host" to
+       "ftp://https//host" when SSL is not used.
+
+2005-05-11  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (ssl_check_server_identity): Renamed to
+       ssl_check_certificate because it does more than just checking the
+       server's identity.
+       (ssl_check_certificate): Tell the user about
+       --no-check-certificate.
+
+2005-05-11  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (ssl_init): Always use SSL_VERIFY_NONE, so that the
+       handshake finishes even if the certificate is invalid.  That way
+       ssl_check_server_identity can provide better diagnostics on why
+       the verification failed.
+
+2005-05-11  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (pattern_match): New function.
+       (ssl_check_server_identity): Treat peer certificate common name as
+       wildcard.
+
+2005-05-10  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (ssl_check_server_identity): Print certificate subject
+       and issuer.
+
+2005-05-10  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * res.c (res_register_specs): Correctly pass pointers to
+       hash_table_get_pair.
+
 2005-05-10  Hrvoje Niksic  <hniksic@xemacs.org>
 
        * http.c (gethttp): Call ssl_check_server_identity.