summaryrefslogtreecommitdiff
path: root/src/lib/libc/stdlib/system.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2016-08-27shorten the req text;jmc1-452/+189
2016-08-27Enable ALPN regress now that it passes.jsing1-4/+2
2016-08-27Be more strict when parsing TLS extensions.jsing2-34/+74
Based on a diff from Kinichiro Inoguchi. ok beck@
2016-08-27Pull in <stdio.h> for NULLguenther1-1/+2
ok deraadt@
2016-08-26Repeated occurances of the idiom buf[5][BUFSIZ] -- ridiculous. Give eachderaadt1-86/+87
buf a special name, recognize that most are PATH_MAX, and remove a few that are not needed at all. ok jsing beck
2016-08-26Pull in <time.h> for clock_gettime()guenther1-1/+2
ok deraadt@
2016-08-25shorten the pkeyutl text;jmc1-83/+40
help/ok guenther
2016-08-24shorten the pkeyparam text;jmc1-23/+8
2016-08-24shorten the pkey text;jmc1-73/+25
2016-08-23shorten pkcs12;jmc1-187/+42
2016-08-22Various clean up and reorganisation of the connection info handling code.jsing3-69/+97
In particular, rename tls_free_conninfo() to tls_conninfo_free() and make it a real free function. Rename tls_get_conninfo() to tls_conninfo_populate() and have it allocate the struct tls_conninfo (after freeing any existing one). ok beck@
2016-08-22Stick with the usual 'if NULL return NULL' idiom.jsing1-10/+10
ok beck@
2016-08-22Bump TLS_API due to the addition of server side SNI functions.jsing1-2/+2
2016-08-22Bump libtls minor due to the addition of symbols.jsing1-1/+1
2016-08-22Provide an API that enables server side SNI support - add the ability tojsing5-6/+107
provide additional keypairs (via tls_config_add_keypair_{file,mem}()) and allow the server to determine what servername the client requested (via tls_conn_servername()). ok beck@
2016-08-22Create contexts for server side SNI - these include the additional SSL_CTXjsing3-3/+174
that is required for certificate switching with libssl and the certificate itself so that we can match against the subject and SANs. Hook up the servername callback and switch to the appropriate SSL_CTX if we find a matching certificate. ok beck@
2016-08-22shorten the pkcs8 text;jmc1-179/+63
2016-08-22Sorry Andrew and Luke, I'm pretty sure we deleted your IRIX and VMS code.deraadt1-4/+1
2016-08-20shorten pkcs7 text;jmc1-58/+37
2016-08-20shorten the passwd text; ok jsingjmc1-48/+14
2016-08-19shorten the ocsp text; ok beckjmc1-199/+71
2016-08-18Split out the TLS server SSL_CTX allocation and configuration code, sojsing1-19/+37
that it can be reused to allocate the additional SSL_CTXs needed for SNI. ok reyk@
2016-08-18Rework parts of the libtls man page for clarity. Split out the connectionjsing1-45/+35
information related functions under their own heading and dedup the text relating to when these functions can be called. With input from and ok jmc@
2016-08-18shorten the nseq text;jmc1-41/+17
2016-08-17wrterror() is fatal, delete dead code; ok tom@ natano@ tedu@otto1-61/+22
2016-08-16shorten genrsa; ok jsingjmc1-42/+18
2016-08-15The tls_conninfo serial is also unused.jsing1-2/+1
2016-08-15Group conninfo fields by connection and peer cert based information,jsing1-5/+6
sort and remove unused fingerprint.
2016-08-15Fix some style(9) issues.jsing1-3/+6
2016-08-15Explicitly pass in an SSL_CTX * to the functions that operate on one,jsing4-37/+38
instead of assuming that they should use the one associated with the TLS context. This allows these functions to be used with the additional SSL contexts that are needed to support server-side SNI. Also rename tls_configure_keypair() to tls_configure_ssl_keypair(), so that these functions have a common prefix. ok reyk@
2016-08-15add a bit of spacing to previous, to keep the notes about deprecatedjmc2-4/+6
functions out the way of the main body; ok guenther
2016-08-14Reduce qabs() and qdiv() to aliases of llabs() and lldiv().guenther12-228/+36
Merge the manual pages and call them deprecated there. ok and manpage tweak jmc@, ok natano@
2016-08-14shorten genpkey; ok guentherjmc1-78/+23
2016-08-13shorten gendsa;jmc1-20/+12
2016-08-13Avoid leaking memory if tls_config_set_alpn() is called multiple timesjsing1-4/+5
(this was in the original commit, but got reverted in the recommit).
2016-08-13Let libtls load the CA, certificate and key files for nc(1), now that itjsing1-22/+15
does this at the time the tls_config_set_*_file() function is called. ok bluhm@
2016-08-13Load CA, certificate and key files into memory when the appropriatejsing3-44/+98
tls_config_set_*_file() function is called. This allows us to immediately propagate useful error messages, play more nicely with privsep/pledge and have a single code path. Instead of always loading the default CA when tls_config_new() is called, defer and only load the default CA when tls_configure() is invoked, if a CA has not already been specified. ok beck@ bluhm@
2016-08-12Bump libtls minor due to symbol additions.jsing1-1/+1
2016-08-12Add ALPN support to libtls.jsing7-16/+168
ok beck@ doug@
2016-08-12trim errstr, and zap gendh (deprecated) entirely;jmc1-26/+1
2016-08-12shorten openssl enc, with help from jsing;jmc1-201/+39
ok jsing beck
2016-08-10shorten ecparam;jmc1-102/+50
2016-08-09trim the ec text;jmc1-92/+39
2016-08-08trim the dsaparam section; ok guentherjmc1-56/+36
2016-08-07Update the link for the getentropy(2) manual to man.openbsd.org/tb16-32/+32
ok deraadt@
2016-08-05Do not *printf %s NULLderaadt2-4/+6
ok bcook
2016-08-05Obvious minor fixes:schwarze2-36/+57
* Add missing .Dv, .Ev, and .Fa macros. * Delete deprecated .Tn macros. * Mark up global variable names with .Va, not with .Fa or .Li. * Mark up config file commands with .Ic, not with .Fa. * Fix HISTORY, trivial to verify from the CSRG archive CD.
2016-08-05shorten the openssl dsa text;jmc1-69/+35
2016-08-05Make RES_OPTIONS point directly to resolv.conf(5) instead of going throughmartijn1-3/+3
resolver(3). OK jmc@
2016-08-03shorten the openssl dhparam text;jmc1-84/+32
guenther helped rewrite the -dsaparam parts.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 17:46:55 +0000