| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Use "EC/RSA key setup failure" to align error with others | tb | 2021-02-01 | 1 | -3/+3 |
| * | Move private key setup to a helper function with proper error | eric | 2021-01-26 | 1 | -10/+47 |
| * | return -1 on error for consistency | eric | 2021-01-21 | 1 | -2/+2 |
| * | Allow setting a keypair on a tls context without specifying the private | eric | 2021-01-21 | 1 | -22/+62 |
| * | Clear SSL_MODE_AUTO_RETRY in libtls, since we handle WANT_POLLIN correctly. | jsing | 2020-05-24 | 1 | -1/+3 |
| * | Add support for TLSv1.3 as a protocol to libtls. | jsing | 2020-01-20 | 1 | -1/+4 |
| * | Add a mutex to guard reference counting for tls_config. | jsing | 2019-04-01 | 1 | -1/+3 |
| * | expose the default cert file as a function, not a define. it's really | tedu | 2018-11-29 | 1 | -2/+2 |
| * | Define TLS_CA_CERT_FILE rather than having every application create their | jsing | 2018-11-06 | 1 | -2/+2 |
| * | Switch to OPENSSL_init_ssl() and prevent an openssl configuration file from | jsing | 2018-04-07 | 1 | -3/+2 |
| * | Automatically handle library initialisation for libtls. | jsing | 2018-03-19 | 1 | -3/+2 |
| * | un-revert tls_init pthread_once change, now that stub is added so that builds... | beck | 2018-03-08 | 1 | -12/+20 |
| * | backout. diff was not tested comprehensively, resulting in a broken tree. | deraadt | 2018-03-07 | 1 | -20/+12 |
| * | Make tls_init() concurrently callable using pthread_once(). | beck | 2018-03-07 | 1 | -12/+20 |
| * | Move the keypair pubkey hash handling code to during config. | jsing | 2018-02-10 | 1 | -4/+29 |
| * | Have tls_keypair_pubkey_hash() call tls_keypair_load_cert() instead of | jsing | 2018-02-08 | 1 | -2/+3 |
| * | Move tls_keypair_pubkey_hash() to the keypair file. | jsing | 2018-02-08 | 1 | -41/+1 |
| * | Avoid a memory leak that results when the same tls_config is reused. | jsing | 2018-02-08 | 1 | -1/+4 |
| * | Keep track of which keypair is in use by a TLS context. | jsing | 2017-09-20 | 1 | -1/+4 |
| * | Fix unchecked return nit | beck | 2017-08-28 | 1 | -2/+5 |
| * | Don't use tls_cert_hash for the hashing used by the engine offloading magic | claudio | 2017-08-09 | 1 | -7/+20 |
| * | Add support for providing CRLs to libtls - once a CRL is provided we | jsing | 2017-07-06 | 1 | -1/+41 |
| * | Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that | jsing | 2017-06-22 | 1 | -6/+6 |
| * | Fix incorrect indentation. | jsing | 2017-06-22 | 1 | -2/+2 |
| * | Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60. | jsing | 2017-06-22 | 1 | -1/+3 |
| * | Remove dead code that has remained hiding since ressl.c r1.14! | jsing | 2017-06-22 | 1 | -4/+1 |
| * | Return an error if tls_handshake() is called on a TLS context that has | jsing | 2017-05-07 | 1 | -1/+6 |
| * | Perform reference counting for tls_config. This allows tls_config_free() to | jsing | 2017-05-06 | 1 | -3/+10 |
| * | Add tls_peer_cert_chain_pem - To retreive the peer certificate and chain | beck | 2017-04-05 | 1 | -1/+4 |
| * | Internal changes to allow for relayd engine privsep. sends the hash of the | beck | 2017-04-05 | 1 | -2/+65 |
| * | Use a flag to track when we need to call SSL_shutdown(). This avoids an | jsing | 2017-01-26 | 1 | -2/+3 |
| * | Disable session cache and tickets by default. | claudio | 2017-01-22 | 1 | -1/+5 |
| * | whitespace | deraadt | 2017-01-13 | 1 | -3/+3 |
| * | If certificate verification has been disabled, do not attempt to load a | jsing | 2017-01-03 | 1 | -5/+9 |
| * | Revert previous - the original code was correct since X509_verify_cert() | jsing | 2017-01-03 | 1 | -5/+5 |
| * | fix cert verify. a cert with an alt chain may verify but leave an error | tedu | 2017-01-02 | 1 | -5/+5 |
| * | Hook up a certificate verify callback so that we can set user friendly | jsing | 2016-12-26 | 1 | -4/+29 |
| * | rename ocsp_ctx to ocsp | beck | 2016-11-05 | 1 | -6/+6 |
| * | Only set an error from libssl related code, if an error has not already | jsing | 2016-11-03 | 1 | -6/+41 |
| * | Add OCSP client side support to libtls. | beck | 2016-11-02 | 1 | -1/+6 |
| * | Add callback-based interface to libtls. | bcook | 2016-09-04 | 1 | -1/+5 |
| * | Various clean up and reorganisation of the connection info handling code. | jsing | 2016-08-22 | 1 | -8/+5 |
| * | Create contexts for server side SNI - these include the additional SSL_CTX | jsing | 2016-08-22 | 1 | -1/+27 |
| * | Explicitly pass in an SSL_CTX * to the functions that operate on one, | jsing | 2016-08-15 | 1 | -23/+21 |
| * | Load CA, certificate and key files into memory when the appropriate | jsing | 2016-08-13 | 1 | -27/+25 |
| * | Add ALPN support to libtls. | jsing | 2016-08-12 | 1 | -1/+9 |
| * | Revert previous since it adds new symbols. | jsing | 2016-08-02 | 1 | -9/+1 |
| * | Add ALPN support to libtls. | jsing | 2016-08-01 | 1 | -1/+9 |
| * | Revert previous - it introduces problems with a common privsep use case. | jsing | 2016-07-07 | 1 | -3/+20 |
| * | Always load CA, key and certificate files at the time the configuration | jsing | 2016-07-06 | 1 | -20/+3 |
