[svn] Don't rewrite "https://host" to "ftp://https//host" when SSL is not used.

[wget] / src / ChangeLog

diff --git a/src/ChangeLog b/src/ChangeLog
index 3fcc019f941e36b557d94cfa9d232c61bcf14d40..73f91bbe20d28cfb4b2cae43601ebef0afedbd81 100644 (file)
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,68 @@
+2005-05-12  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * url.c (rewrite_shorthand_url): Don't rewrite "https://host" to
+       "ftp://https//host" when SSL is not used.
+
+2005-05-11  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (ssl_check_server_identity): Renamed to
+       ssl_check_certificate because it does more than just checking the
+       server's identity.
+       (ssl_check_certificate): Tell the user about
+       --no-check-certificate.
+
+2005-05-11  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (ssl_init): Always use SSL_VERIFY_NONE, so that the
+       handshake finishes even if the certificate is invalid.  That way
+       ssl_check_server_identity can provide better diagnostics on why
+       the verification failed.
+
+2005-05-11  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (pattern_match): New function.
+       (ssl_check_server_identity): Treat peer certificate common name as
+       wildcard.
+
+2005-05-10  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (ssl_check_server_identity): Print certificate subject
+       and issuer.
+
+2005-05-10  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * res.c (res_register_specs): Correctly pass pointers to
+       hash_table_get_pair.
+
+2005-05-10  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * http.c (gethttp): Call ssl_check_server_identity.
+
+       * openssl.c (ssl_check_server_identity): New function, verifies
+       that the host name in the certificate matches the actual host
+       name.
+       (verify_cert_callback): Removed, since it didn't do anything
+       except returning the preverify_ok argument.
+
+       * connect.c (fd_transport_context): Allow retrieval of the context
+       pointer registered with fd_register_transport.
+
+2005-05-09  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * openssl.c (verify_cert_callback): Renamed from verify_callback.
+       Always return the received "ok" value.  Print the X509 name in
+       debug mode.
+       (ssl_init): Enable partial writes in SSL context.
+
+2005-05-08  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * http.c (http_loop): Check for wildcards in the URL path
+       component, not in the whole URL.
+
+       * ftp.c (ftp_loop): Check for wildcards in URL path before
+       unescaping, so the users can escape globbing metacharacters with %
+       escapes.
+
 2005-05-08  Hrvoje Niksic  <hniksic@xemacs.org>
 
        * init.c (run_command): Correctly interpret the return value of