Date | Commit message | Author | Files | Lines | |
---|---|---|---|---|---|
2015-09-10 | document client side certificate verification functionality. | beck | 2 | -3/+19 | |
ok jsing@ | |||||
2015-09-10 | reduce .Nd to one line and kill .Tn while here | schwarze | 5 | -25/+15 | |
2015-09-10 | Remove pointless comments. | jsing | 6 | -12/+12 | |
ok "captain obvious" | |||||
2015-09-10 | document changed tls_read and tls_write semantics. | beck | 1 | -15/+58 | |
document functions that clear errno. change examples to provide demonstration of both the blocking and non-blocking cases. ok jsing@, bluhm@ | |||||
2015-09-10 | Replace remaining M_ASN1_STRING_* macros with calls to ASN1_STRING_*. | jsing | 6 | -36/+36 | |
This is not the same as the macro expansion, however the ASN1_STRING_* functions do match the macro expansions. ok doug@ miod@ | |||||
2015-09-10 | mlink tls_handshake; | jmc | 1 | -1/+2 | |
2015-09-10 | tweak previous; | jmc | 1 | -3/+3 | |
2015-09-10 | missing commas at the end of .Nm lines in the NAME section | schwarze | 1 | -3/+3 | |
2015-09-10 | Correctly document the behaviour of tls_close() - the caller is responsible | jsing | 1 | -5/+6 | |
for closing the file descriptors unless libtls allocated them. ok beck@ | |||||
2015-09-10 | Replace TLS_{READ,WRITE}_AGAIN with TLS_WANT_POLL{IN,OUT} and correctly | jsing | 1 | -20/+13 | |
document the calling requirements. ok beck@ | |||||
2015-09-10 | Update libtls man page to reflect tls_handshake() related changes. | jsing | 1 | -35/+37 | |
ok beck@ | |||||
2015-09-10 | revert accidental commit | beck | 1 | -4/+4 | |
2015-09-10 | comment for errno clobbering, to indicate why we do this. | beck | 2 | -5/+9 | |
ok deraadt@ jsing@ | |||||
2015-09-10 | bump major | beck | 1 | -1/+1 | |
ok jsing@ | |||||
2015-09-10 | change TLS_READ_AGAIN to TLS_WANT_POLLIN and TLS_WRITE_AGAIN to TLS_WANT_POLLOUT | beck | 2 | -7/+7 | |
to make it more clear to users of this api what needs to be done in these error cases. Discussed extensively with bluhm@ and jsing@ and others. ok jsing@ | |||||
2015-09-10 | Change tls_read and tls_write semantics to return an ssize_t to better | beck | 2 | -21/+14 | |
match read() and write() semantics to make porting existing code using read/write easier. requested by bluhm@ who convinced jsing and I to break the api ok jsing@ bluhm@ | |||||
2015-09-10 | Split tls_handshake() out from tls_accept/tls_connect. By doing this the | jsing | 5 | -59/+120 | |
tls_accept/tls_connect functions can be guaranteed to succeed or fail and will no longer return TLS_READ_AGAIN/TLS_WRITE_AGAIN. This also resolves the semantics of tls_accept_*. The tls_handshake() function now does I/O and can return TLS_READ_AGAIN/TLS_WRITE_AGAIN. Calls to tls_read() and tls_write() will trigger the handshake if it has not already completed, meaning that in many cases existing code will continue to work. Discussed over many coffees at l2k15. ok beck@ bluhm@ | |||||
2015-09-10 | tweak Nd after previous; ok mpi | jmc | 1 | -2/+2 | |
2015-09-10 | add MLINKS for _prefer_ciphers_* | jmc | 1 | -1/+3 | |
2015-09-10 | Add support for preferring the server's cipher list or the client's cipher | jsing | 5 | -8/+47 | |
list. Prefer the server's cipher list by default. Based on a diff from Kyle Thompson <jmp at giga dot moe>. ok beck@ bcook@ | |||||
2015-09-10 | Remove link_addr(3). A function to encode the name of an interface in | mpi | 3 | -136/+8 | |
a sockaddr_dl is a questionable interface. But now it makes it harder to properly reference ifp because of this. Set sdl_index to the index of the corresponding interface when constructing a routing message. Riding previous libc crank. ok guenther@, deraadt@, dlg@ | |||||
2015-09-10 | Fix an incorrect error check in DSA verify. | bcook | 2 | -8/+4 | |
From Matt Caswell's OpenSSL commit "RT3192: spurious error in DSA verify". https://github.com/openssl/openssl/commit/eb63bce040d1cc6147d256f516b59552c018e29b | |||||
2015-09-10 | Fix shadowed verify_error in s_server by removing the unused global. | bcook | 4 | -10/+8 | |
's_time -verify 1' will now actually verify the peer certificate. ok beck@ | |||||
2015-09-10 | Remove SOCKET_PROTOCOL, a redundant define that was only used once. | lteo | 1 | -4/+2 | |
No binary change. ok millert@ miod@ | |||||
2015-09-10 | Remove unused defines. No binary change. | lteo | 2 | -9/+2 | |
ok deraadt@ miod@ | |||||
2015-09-09 | Add missing CVS Mdocdate tags. No text change, except for the change | schwarze | 16 | -16/+16 | |
of date that can't be helped. | |||||
2015-09-09 | Indent labels with a space so that diff -p is more friendly. | jsing | 6 | -18/+18 | |
Requested by bluhm@ | |||||
2015-09-09 | Check handshake_func against NULL rather than 0, since it is a function | jsing | 2 | -14/+14 | |
pointer. ok bcook@ miod@ | |||||
2015-09-09 | Add client certificate support. Still needs a few tweaks but this will | beck | 6 | -34/+76 | |
ride upcoming minor bump ok jsing@ | |||||
2015-09-09 | always clear errno when coming back from tls_read tls_write, and tls_close. | beck | 1 | -9/+20 | |
this avoids the problem of people checking for return values < 0 and then checking for errno before checking for TLS_READ_AGAIN TLS_WRITE_AGAIN - since we can not guarantee what errno will be set to from the underlying library calls | |||||
2015-09-09 | nuke trailing whitespace | beck | 1 | -4/+3 | |
ok jsing@ |