+2005-05-12 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * url.c (rewrite_shorthand_url): Don't rewrite "https://host" to
+ "ftp://https//host" when SSL is not used.
+
+2005-05-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_check_server_identity): Renamed to
+ ssl_check_certificate because it does more than just checking the
+ server's identity.
+ (ssl_check_certificate): Tell the user about
+ --no-check-certificate.
+
+2005-05-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_init): Always use SSL_VERIFY_NONE, so that the
+ handshake finishes even if the certificate is invalid. That way
+ ssl_check_server_identity can provide better diagnostics on why
+ the verification failed.
+
+2005-05-11 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (pattern_match): New function.
+ (ssl_check_server_identity): Treat peer certificate common name as
+ wildcard.
+
+2005-05-10 Hrvoje Niksic <hniksic@xemacs.org>
+
+ * openssl.c (ssl_check_server_identity): Print certificate subject
+ and issuer.
+
2005-05-10 Hrvoje Niksic <hniksic@xemacs.org>
* res.c (res_register_specs): Correctly pass pointers to