git-market/curl-curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-13 12:41:42 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
cf4164fa8d
curl-curl/tests/http
History
Stefan Eissing 065b149df0
OpenSSL: check reuse of sessions for verify status 
OpenSSL records its peer verification status inside its SSL_SESSION
objects. When a session is later reused, the SSL connection inherits
this verify status.

Session keys prevent reuse of sessions between connections that verify
the peer and those who do not. However, when Apple SecTrust is used
to verify a connection, this does not update the Sessions verify
status (and there is no setter). On session reuse, OpenSSL fails
the verification and Apple SecTrust cannot verify either since the
certificate peer chain is not available.

Fix this by checking the verification status on session reuse and
remove the session again if the peer needs to be verified, but the
session is not.

Reported-by: Christian Schmitza
Fixes #20435
Closes #20446
2026-01-27 14:03:47 +01:00
..
testenv vquic: drop support for OpenSSL-QUIC 2026-01-17 22:49:34 +01:00
.gitignore tidy-up: mostly whitespace nits 2023-08-31 23:02:10 +00:00
CMakeLists.txt cmake: update a comment 2025-12-12 13:09:52 +01:00
config.ini.in pytest: add tests using sshd 2025-12-12 11:58:57 +01:00
conftest.py pytest: add tests using sshd 2025-12-12 11:58:57 +01:00
Makefile.am tidy-up: miscellaneous 2026-01-15 13:06:13 +01:00
requirements.txt GHA: bump pip-dependencies 2026-01-13 23:17:10 +01:00
scorecard.py ratelimit: download finetune 2026-01-16 16:42:31 +01:00
test_01_basic.py pytest: fix and improve reliability 2025-12-02 17:15:36 +01:00
test_02_download.py OpenSSL: check reuse of sessions for verify status 2026-01-27 14:03:47 +01:00
test_03_goaway.py vquic: drop support for OpenSSL-QUIC 2026-01-17 22:49:34 +01:00
test_04_stuttered.py pytest fixes and improvements 2025-11-17 08:02:52 +01:00
test_05_errors.py vquic: drop support for OpenSSL-QUIC 2026-01-17 22:49:34 +01:00
test_06_eyeballs.py test: increase altsvc test reliability 2025-12-10 00:23:33 +01:00
test_07_upload.py vquic: drop support for OpenSSL-QUIC 2026-01-17 22:49:34 +01:00
test_08_caddy.py OpenSSL: check reuse of sessions for verify status 2026-01-27 14:03:47 +01:00
test_09_push.py pytest fixes and improvements 2025-11-17 08:02:52 +01:00
test_10_proxy.py badwords: fix issues found in tests 2025-11-17 13:30:35 +01:00
test_11_unix.py ip_quadruple/proxy: make port uint16_t 2025-11-27 14:32:01 +01:00
test_12_reuse.py test: increase altsvc test reliability 2025-12-10 00:23:33 +01:00
test_13_proxy_auth.py pytest fixes and improvements 2025-11-17 08:02:52 +01:00
test_14_auth.py vquic: drop support for OpenSSL-QUIC 2026-01-17 22:49:34 +01:00
test_15_tracing.py pytest: skip specific tests for no-verbose builds 2025-10-02 10:41:46 +02:00
test_16_info.py lib: timer stats improvements 2025-11-25 16:18:59 +01:00
test_17_ssl_use.py OpenSSL: check reuse of sessions for verify status 2026-01-27 14:03:47 +01:00
test_18_methods.py pytest fixes and improvements 2025-11-17 08:02:52 +01:00
test_19_shutdown.py OpenSSL: check reuse of sessions for verify status 2026-01-27 14:03:47 +01:00
test_20_websockets.py websocket: improve handling of 0-len frames 2025-08-28 11:00:02 +02:00
test_30_vsftpd.py ftp: make EPRT connections non-blocking 2025-12-06 14:48:04 +01:00
test_31_vsftpds.py ftp: make EPRT connections non-blocking 2025-12-06 14:48:04 +01:00
test_32_ftps_vsftpd.py ftp: make EPRT connections non-blocking 2025-12-06 14:48:04 +01:00
test_40_socks.py pytest: socksd startup delay 2025-12-09 16:03:38 +01:00
test_50_scp.py pytest: add tests using sshd 2025-12-12 11:58:57 +01:00
test_51_sftp.py pytest: add tests using sshd 2025-12-12 11:58:57 +01:00