Instead of extracting information from the X509 certificate chain in
the fetcher the entire chain is propagated in Distinguished Encoding
Rules (DER) format.
This allows all the information contained in a certificate chain to be
retained which can subsequently be presented to the user
In order to be able to use a generic hashmap in things such
as the fs_backing_store we want one to exist. Here it is,
along with some moderately comprehensive tests.
Current limits:
1. All keys and values are owned by the hashmap
2. The hashmap, while capable of different bucket counts
only has a single fixed count for now
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Any errors from the fetch which are not already handled are
reported with an internal query page instead of a modal
dialog.
This is much less invasive for the user and much more in
keeping with how this is handled by other browsers.
The handler is similar to the timeout handler but the
functionality is kept separate as it is intended timeout
handling be extended in future.
allow the browser to be compiled without libutf8proc. Without this
library safe utf8 conversion and verification is not possible
so the browser will loose the ability to navigate to adresses
using the idna punycode scheme.
Since OpenSSL 1.0.2 there has been hostname verification support
which cURL doesn't turn on for some reason. Turn it on so that
we get better hostname verification handling.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In doing this, also propagate why the certificates were bad
so that the page can display a reason. We will need FatMessages
for all these.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
We now handle authentication requests via an `about:` page
which presents a nice form built into the browser window.
In order to do this, we add internal navigation as a concept
to the browser window and we strip the 401login support from all
frontends except monkey.
The 401login callback is now intended for password safe type support
rather than an immediately interactive prompt.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In further preparation for the auth and cert queries being handled
as special contents from `about:` this excises the query pathway
from the llcache pretty much entirely.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
