The curl fetcher can operate without openssl library being
available, additionaly curl itself may be compiled with a
different TLS library.
In either case this will simply cause the "unknown" error to be
reported for all TLS failiures and page information to lack any
certificate information.
If dom_to_box is still in progress when we destroy an HTML
content, we need to cancel the conversion otherwise we will
end up with a scheduled callback into infinity.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Since OpenSSL 1.0.2 there has been hostname verification support
which cURL doesn't turn on for some reason. Turn it on so that
we get better hostname verification handling.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In doing this, also propagate why the certificates were bad
so that the page can display a reason. We will need FatMessages
for all these.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
We now handle authentication requests via an `about:` page
which presents a nice form built into the browser window.
In order to do this, we add internal navigation as a concept
to the browser window and we strip the 401login support from all
frontends except monkey.
The 401login callback is now intended for password safe type support
rather than an immediately interactive prompt.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In further preparation for the auth and cert queries being handled
as special contents from `about:` this excises the query pathway
from the llcache pretty much entirely.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
* Fetchers now provide the certificates before headers
* This is propagated all the way to the browser window
* When a query occurs, we retrieve it from there and fire
the query with those stored certificates.
* The serial number is a bignum, store it as hex.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
This reworks CONTENT_MSG_ERROR to be structured data and
removes the CONTENT_MSG_ERRORCODE message kind.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Currently only supporting text input, password input, and hidden
input, along with text areas, this mirrors the text values in
and out of the DOM, allowing JS to adjust the gadget values and
for the gadget values to be interrogated from JS.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
As a first step in refactoring query handling to be managed
by `browser_window`, this migrates the calling of the query
handler from the llcache object code up to the hlcache.
In theory this may result in multiple queries happening for one
object, but we mitigate multiple-responses in the llcache so
all should be well.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In order to prevent a problem where iterating causes an abort
which causes an iteration which clears the iteratorness of a
user allowing it to delete itself causing a segfault, preserve
the iteratorness when iterating in send_message
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>