mirror of
https://github.com/libevent/libevent.git
synced 2025-01-09 00:56:20 +08:00
64d9f161fe
The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for *.pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."
0. BUILDING AND INSTALLATION (Briefly)
$ ./configure
$ make
$ make verify # (optional)
$ sudo make install
1. BUILDING AND INSTALLATION (In Depth)
To build libevent, type
$ ./configure && make
(If you got libevent from the git repository, you will
first need to run the included "autogen.sh" script in order to
generate the configure script.)
You can run the regression tests by running
$ make verify
Install as root via
# make install
Before reporting any problems, please run the regression tests.
To enable the low-level tracing build the library as:
CFLAGS=-DUSE_DEBUG ./configure [...]
Standard configure flags should work. In particular, see:
--disable-shared Only build static libraries
--prefix Install all files relative to this directory.
The configure script also supports the following flags:
--enable-gcc-warnings Enable extra compiler checking with GCC.
--disable-malloc-replacement
Don't let applications replace our memory
management functions
--disable-openssl Disable support for OpenSSL encryption.
--disable-thread-support Don't support multithreaded environments.
2. USEFUL LINKS:
For the latest released version of Libevent, see the official website at
http://libevent.org/ .
There's a pretty good work-in-progress manual up at
http://www.wangafu.net/~nickm/libevent-book/ .
For the latest development versions of Libevent, access our Git repository
via
"git clone git://levent.git.sourceforge.net/gitroot/levent/libevent"
You can browse the git repository online at
http://levent.git.sourceforge.net/git/gitweb-index.cgi .
To report bugs, request features, or submit patches to Libevent,
use the Sourceforge trackers at
https://sourceforge.net/tracker/?group_id=50884 .
There's also a libevent-users mailing list for talking about Libevent
use and development: http://archives.seul.org/libevent/users/
3. ACKNOWLEDGMENTS
The following people have helped with suggestions, ideas, code or
fixing bugs:
Samy Al Bahra
Jacob Appelbaum
Arno Bakker
Weston Andros Adamson
William Ahern
Ivan Andropov
Sergey Avseyev
Avi Bab
Joachim Bauch
Gilad Benjamini
Stas Bekman
Denis Bilenko
Julien Blache
Kevin Bowling
Tomash Brechko
Kelly Brock
Ralph Castain
Adrian Chadd
Lawnstein Chan
Shuo Chen
Ka-Hing Cheung
Andrew Cox
Paul Croome
George Danchev
Andrew Danforth
Ed Day
Christopher Davis
Mike Davis
Antony Dovgal
Mihai Draghicioiu
Alexander Drozdov
Mark Ellzey
Shie Erlich
Leonid Evdokimov
Juan Pablo Fernandez
Christophe Fillot
Mike Frysinger
Remi Gacogne
Artem Germanov
Alexander von Gernler
Artur Grabowski
Diwaker Gupta
Sebastian Hahn
Dave Hart
Greg Hazel
Michael Herf
Sebastian Hahn
Savg He
Mark Heily
Michael Herf
Greg Hewgill
Andrew Hochhaus
Aaron Hopkins
Tani Hosokawa
Jamie Iles
Claudio Jeker
Evan Jones
George Kadianakis
Phua Keat
Azat Khuzhin
Alexander Klauer
Kevin Ko
Brian Koehmstedt
Marko Kreen
Valery Kyholodov
Ross Lagerwall
Scott Lamb
Christopher Layne
Adam Langley
Graham Leggett
Philip Lewis
Zhou Li
David Libenzi
Yan Lin
Moshe Litvin
Simon Liu
Mitchell Livingston
Hagne Mahre
Lubomir Marinov
Abilio Marques
Abel Mathew
Nick Mathewson
James Mansion
Nicholas Marriott
Andrey Matveev
Caitlin Mercer
Dagobert Michelsen
Andrea Montefusco
Mansour Moufid
Mina Naguib
Felix Nawothnig
Trond Norbye
Linus Nordberg
Richard Nyberg
Jon Oberheide
Phil Oleson
Dave Pacheco
Derrick Pallas
Tassilo von Parseval
Catalin Patulea
Patrick Pelletier
Simon Perreault
Pierre Phaneuf
Amarin Phaosawasdi
Ryan Phillips
Dimitre Piskyulev
Pavel Plesov
Jon Poland
Roman Puls
Nate R
Robert Ransom
Bert JW Regeer
Peter Rosin
Maseeb Abdul Qadir
Wang Qin
Alex S
Hanna Schroeter
Ralf Schmitt
Mike Smellie
Kevin Springborn
Nir Soffer
Harlan Stenn
Steve Snyder
Dug Song
Dongsheng Song
Hannes Sowa
Ferenc Szalai
Brodie Thiesfield
Jason Toffaletti
Gisle Vanem
Bas Verhoeven
Constantine Verutin
Colin Watt
Zack Weinberg
Jardel Weyrich
Jay R. Wren
Zack Weinberg
Alejo
Alex
Taral
propanbutan
mmadia
yangacer
If we have forgotten your name, please contact us.