Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/certificate verification levels #150

Merged
merged 14 commits into from
Feb 2, 2024
Merged

Feature/certificate verification levels #150

merged 14 commits into from
Feb 2, 2024

Conversation

dnzbk
Copy link
Collaborator

@dnzbk dnzbk commented Feb 1, 2024
edited

  • Added Certificate verification levels:

    • None: NO certificate signing check, NO certificate hostname check
    • Minimal: certificate signing check, NO certificate hostname check
    • Strict: certificate signing check, certificate hostname check

  • Tested on a mock nzbget NNTP nserv server with self-signed certificate and got expected results:

    • "Strict" -> test failed
    • "Minimal" -> test failed
    • "None" -> test passed"

@dnzbk dnzbk requested review from phnzb and luckedea February 1, 2024 11:23
@dnzbk dnzbk linked an issue Feb 1, 2024 that may be closed by this pull request
Make cert check configurable per server #53
Closed
luckedea
luckedea approved these changes Feb 2, 2024
View reviewed changes
Copy link
Member

@luckedea luckedea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you, looks good

@dnzbk dnzbk merged commit 5956a17 into develop Feb 2, 2024
@dnzbk dnzbk deleted the feature-certificate-verification-level branch February 2, 2024 13:27
dnzbk added a commit that referenced this pull request Feb 9, 2024
@dnzbk
Merge pull request #161 from nzbgetcom/develop
c116a63 
nzbget-23.0
  - Features:
    - Extension Manager [#76](7348b19);
        * The new nzbget extension system, which makes it easy to download/update/delete 
        extensions with backward compatibility with the old system;
        * extensions [master list](https://github.com/nzbgetcom/nzbget-extensions/);
        * changed:
          -  RPC request "configtemplates" -  no longer returns script templates, but only the config template;
        * added:
          - new RPC requests:
            - "loadextensions" - loads all extensions from {ScriptDIR} and returns an array of structures in JSON/XML formats;
            - "updateextension" - downloads by url and name and installs the extension. Returns 'true' or error response in JSON/XML formats;
            - "deleteextension" - deletes extension by name. Returns 'true' or error response in JSON/XML formats;
            - "downloadextension" - downloads by url and installs the extension. Returns 'true' or error response in JSON/XML formats;
            - "testextension" - tries to find the right executor program for the extension, e.g. Python. 
            Returns 'true' or error response in JSON/XML formats;
          - "EXTENSION MANAGER" section in webui to download/delete/update extensions;
          - Boost.Json library to work with JSON;
          - more unit tests;
        * refactored:
          - replaced raw pointers with smart pointers and const refs where possible for memory safty reasons;
        * removed:
          - testdata_FILES from Makefile.am;
          - EMail and Logger scripts;
    - Docker support [#55](1913e33);
    - Synology support (spk) [#72](3f8fd6d);
    - QNAP support [#158](9676c77);
    - aarch64 mipseb mipsel ppc6xx ppc500 architectures to linux build [#61](9599854) [#146](fcc104d);
    - article read chunk size [#52](1aa42f2);
      * Added ArticleReadChunkSize config option which allows to adjust 
      the buffer size for customization on different platforms, which can lead to increased performance;
    - increased the number of default connections to 8  [#54](55eca4c);
    - automatic search for a suitable interpreter on POSIX [#74](ec0756d);
    - certificate verification levels [#150](5956a17);
        * levels:
          - None: NO certificate signing check, NO certificate hostname check; 
          - Minimal: certificate signing check, NO certificate hostname check;
          - Strict: certificate signing check, certificate hostname check;
        * tested on a mock nzbget NNTP nserv server with self-signed certificate and got expected results:
          - "Strict" -> test failed;
          - "Minimal" -> test failed;
          - "None" -> test passed";
  - Bug fixies:
    - possible memory corruption [#148](16ab25d);
  - For developers:
    - fixed unit tests (Windows only for now) and started migration to CMake [#64](73e8c00);
      * We are going to completely migrate to CMake as a more universal one for cross-platform development and drop autotools and MSBuild;
    - using libxml2 on Windows and vcpkg package manager to install dependencies [#70](f8cb2bd);
      * libxml2 library is now used on Windows to work with xml in the same way we already do on Linux and macOS;
      * removed platform-dependent code for working with xml on Windows;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@luckedea luckedea luckedea approved these changes

@phnzb phnzb Awaiting requested review from phnzb

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make cert check configurable per server
3 participants
@dnzbk @luckedea @ureyNZB