1. 08 Aug, 2021 1 commit
  2. 07 Aug, 2021 1 commit
  3. 24 Jul, 2021 2 commits
  4. 20 Jul, 2021 1 commit
  5. 15 Jul, 2021 1 commit
  6. 24 Jun, 2021 2 commits
    • Michael Catanzaro's avatar
      Remove TLS section of SoupSession porting docs · 2f92f5fb
      Michael Catanzaro authored and Patrick Griffis's avatar Patrick Griffis committed
      SoupSessionAsync and SoupSessionSync are growing the new behavior, so
      there is no longer any difference to document here.
      2f92f5fb
    • Patrick Griffis's avatar
      Enable ssl-use-system-ca-file on deprecated Sync and Async sessions · 71ca70a0
      Patrick Griffis authored
      The default was disabled for backwards compatability however it
      was an unsafe default and many projects unknowingly did not enable
      it.
      
      This is a break in behavior however the security concerns are important.
      The belief that all projects would switch to the safer SoupSession
      didn't happen and the number of under-maintained projects is too
      many to fix quickly.
      
      This brings a base level of security to all of them and will likely
      not actually break much as the modern internet depends on CAs heavily.
      
      For users who are broken by it, the possible fixes are:
      
      - Add the CA for the service you can no longer connect to to the
        system CA database on your computer
      - Get the administrator of the service you were connecting to to
        switch to using a certificate signed by a public CA
      - Use http rather than https
      - Wait for, or request, the app to be updated
      
      For system administrators who provide a service whose users have been broken by this, the possible fixes are:
      
      - Update your service to use a certificate signed by a public CA
      - Get each user to add the CA to their system CA db, as above
      - Get each user to move to an alternative app
      
      For developers of apps whose users have been broken by this, the possible fixes are:
      
      - Document how users can add CAs to the system CA DB, as above
      - Add a config option to allow users to turn ssl-use-system-ca-file off again.
        (Note that this will probably eventually result in someone filing a CVE against your app.)
      - Add a config option to allow users to configure a file containing a CA to be trusted,
        and then read that in as a GTlsDatabaseFile and set it as SoupSession:tls-database
      - Add a ton of code to allow users to accept certificates signed by unknown CAs and then
        remember the certificates for next time. (We have no easily-copied examples of how to do this.)
      71ca70a0
  7. 13 May, 2021 1 commit
  8. 06 May, 2021 1 commit
  9. 04 May, 2021 1 commit
  10. 27 Apr, 2021 1 commit
  11. 01 Apr, 2021 1 commit
  12. 17 Mar, 2021 1 commit
  13. 08 Mar, 2021 1 commit
  14. 04 Mar, 2021 1 commit
    • Iain Lane's avatar
      tests/connection-test: Update expected events for GLib 2.67 · f9061aad
      Iain Lane authored
      See GLib commit f0a7b147806e852e2090eeda6e4e38f7d3f52b52 for full
      details, but now the extra RESOLVING event is not emitted any more.
      
      To cater for situations where libsoup is run against an older version of
      GLib, keep a runtime check for older versions.
      
      Fixes: #215
      f9061aad
  15. 28 Dec, 2020 1 commit
  16. 30 Sep, 2020 1 commit
  17. 23 Sep, 2020 1 commit
  18. 22 Sep, 2020 1 commit
  19. 16 Sep, 2020 2 commits
  20. 14 Sep, 2020 1 commit
  21. 13 Sep, 2020 2 commits
  22. 12 Sep, 2020 1 commit
  23. 10 Sep, 2020 2 commits
  24. 09 Sep, 2020 1 commit
  25. 06 Sep, 2020 2 commits
  26. 05 Sep, 2020 1 commit
  27. 04 Sep, 2020 1 commit
  28. 30 Aug, 2020 1 commit
  29. 26 Aug, 2020 2 commits
  30. 25 Aug, 2020 1 commit
  31. 23 Aug, 2020 2 commits
  32. 20 Aug, 2020 1 commit