| | Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | shorten the pkey text; | jmc | 2016-08-24 | 1 | -73/+25 |
* | shorten pkcs12; | jmc | 2016-08-23 | 1 | -187/+42 |
* | Various clean up and reorganisation of the connection info handling code. In particular, rename tls_free_conninfo() to tls_conninfo_free() and make it a real free function. Rename tls_get_conninfo() to tls_conninfo_populate() and have it allocate the struct tls_conninfo (after freeing any existing one). ok beck@ | jsing | 2016-08-22 | 3 | -69/+97 |
* | Stick with the usual 'if NULL return NULL' idiom. ok beck@ | jsing | 2016-08-22 | 1 | -10/+10 |
* | Bump TLS_API due to the addition of server side SNI functions. | jsing | 2016-08-22 | 1 | -2/+2 |
* | Bump libtls minor due to the addition of symbols. | jsing | 2016-08-22 | 1 | -1/+1 |
* | Provide an API that enables server side SNI support - add the ability to provide additional keypairs (via tls_config_add_keypair_{file,mem}()) and allow the server to determine what servername the client requested (via tls_conn_servername()). ok beck@ | jsing | 2016-08-22 | 5 | -6/+107 |
* | Create contexts for server side SNI - these include the additional SSL_CTX that is required for certificate switching with libssl and the certificate itself so that we can match against the subject and SANs. Hook up the servername callback and switch to the appropriate SSL_CTX if we find a matching certificate. ok beck@ | jsing | 2016-08-22 | 3 | -3/+174 |
* | shorten the pkcs8 text; | jmc | 2016-08-22 | 1 | -179/+63 |
* | Sorry Andrew and Luke, I'm pretty sure we deleted your IRIX and VMS code. | deraadt | 2016-08-22 | 1 | -4/+1 |
* | shorten pkcs7 text; | jmc | 2016-08-20 | 1 | -58/+37 |
* | shorten the passwd text; ok jsing | jmc | 2016-08-20 | 1 | -48/+14 |
* | shorten the ocsp text; ok beck | jmc | 2016-08-19 | 1 | -199/+71 |
* | Split out the TLS server SSL_CTX allocation and configuration code, so that it can be reused to allocate the additional SSL_CTXs needed for SNI. ok reyk@ | jsing | 2016-08-18 | 1 | -19/+37 |
* | Rework parts of the libtls man page for clarity. Split out the connection information related functions under their own heading and dedup the text relating to when these functions can be called. With input from and ok jmc@ | jsing | 2016-08-18 | 1 | -45/+35 |
* | shorten the nseq text; | jmc | 2016-08-18 | 1 | -41/+17 |
* | wrterror() is fatal, delete dead code; ok tom@ natano@ tedu@ | otto | 2016-08-17 | 1 | -61/+22 |
* | shorten genrsa; ok jsing | jmc | 2016-08-16 | 1 | -42/+18 |
* | The tls_conninfo serial is also unused. | jsing | 2016-08-15 | 1 | -2/+1 |
* | Group conninfo fields by connection and peer cert based information, sort and remove unused fingerprint. | jsing | 2016-08-15 | 1 | -5/+6 |
* | Fix some style(9) issues. | jsing | 2016-08-15 | 1 | -3/+6 |
* | Explicitly pass in an SSL_CTX * to the functions that operate on one, instead of assuming that they should use the one associated with the TLS context. This allows these functions to be used with the additional SSL contexts that are needed to support server-side SNI. Also rename tls_configure_keypair() to tls_configure_ssl_keypair(), so that these functions have a common prefix. ok reyk@ | jsing | 2016-08-15 | 4 | -37/+38 |
* | add a bit of spacing to previous, to keep the notes about deprecated functions out the way of the main body; ok guenther | jmc | 2016-08-15 | 2 | -4/+6 |
* | Reduce qabs() and qdiv() to aliases of llabs() and lldiv(). Merge the manual pages and call them deprecated there. ok and manpage tweak jmc@, ok natano@ | guenther | 2016-08-14 | 12 | -228/+36 |
* | shorten genpkey; ok guenther | jmc | 2016-08-14 | 1 | -78/+23 |
* | shorten gendsa; | jmc | 2016-08-13 | 1 | -20/+12 |
* | Avoid leaking memory if tls_config_set_alpn() is called multiple times (this was in the original commit, but got reverted in the recommit). | jsing | 2016-08-13 | 1 | -4/+5 |
* | Let libtls load the CA, certificate and key files for nc(1), now that it does this at the time the tls_config_set_*_file() function is called. ok bluhm@ | jsing | 2016-08-13 | 1 | -22/+15 |
* | Load CA, certificate and key files into memory when the appropriate tls_config_set_*_file() function is called. This allows us to immediately propagate useful error messages, play more nicely with privsep/pledge and have a single code path. Instead of always loading the default CA when tls_config_new() is called, defer and only load the default CA when tls_configure() is invoked, if a CA has not already been specified. ok beck@ bluhm@ | jsing | 2016-08-13 | 3 | -44/+98 |
* | Bump libtls minor due to symbol additions. | jsing | 2016-08-12 | 1 | -1/+1 |
* | Add ALPN support to libtls. ok beck@ doug@ | jsing | 2016-08-12 | 7 | -16/+168 |
* | trim errstr, and zap gendh (deprecated) entirely; | jmc | 2016-08-12 | 1 | -26/+1 |
* | shorten openssl enc, with help from jsing; ok jsing beck | jmc | 2016-08-12 | 1 | -201/+39 |
* | shorten ecparam; | jmc | 2016-08-10 | 1 | -102/+50 |
* | trim the ec text; | jmc | 2016-08-09 | 1 | -92/+39 |
* | trim the dsaparam section; ok guenther | jmc | 2016-08-08 | 1 | -56/+36 |
* | Update the link for the getentropy(2) manual to man.openbsd.org/ ok deraadt@ | tb | 2016-08-07 | 16 | -32/+32 |
* | Do not *printf %s NULL ok bcook | deraadt | 2016-08-05 | 2 | -4/+6 |
* | Obvious minor fixes: * Add missing .Dv, .Ev, and .Fa macros. * Delete deprecated .Tn macros. * Mark up global variable names with .Va, not with .Fa or .Li. * Mark up config file commands with .Ic, not with .Fa. * Fix HISTORY, trivial to verify from the CSRG archive CD. | schwarze | 2016-08-05 | 2 | -36/+57 |
* | shorten the openssl dsa text; | jmc | 2016-08-05 | 1 | -69/+35 |
* | Make RES_OPTIONS point directly to resolv.conf(5) instead of going through resolver(3). OK jmc@ | martijn | 2016-08-05 | 1 | -3/+3 |
* | shorten the openssl dhparam text; guenther helped rewrite the -dsaparam parts. | jmc | 2016-08-03 | 1 | -84/+32 |
* | Revert previous since it adds new symbols. Requested by deraadt@ | jsing | 2016-08-02 | 8 | -170/+16 |
* | Bump TLS_API for addition of ALPN support. | jsing | 2016-08-01 | 1 | -2/+2 |
* | Add ALPN support to libtls. ok beck@ doug@ | jsing | 2016-08-01 | 7 | -15/+168 |
* | shorten the openssl dgst text; in particular, do not try to list all the available digests; | jmc | 2016-08-01 | 1 | -53/+24 |
* | bump for LibreSSL 2.5.x | bcook | 2016-07-31 | 2 | -6/+6 |
* | use the style from the man page examples for getaddrinfo, which makes a bit more sense ok jung@ deraadt@ | halex | 2016-07-30 | 1 | -21/+19 |
* | remove HISTORY: it was a nonsense; | jmc | 2016-07-28 | 1 | -25/+1 |
* | some text cutting, after feedback from jsing; | jmc | 2016-07-28 | 1 | -12/+12 |