| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
close the connection. Also correctly handle the error on failure.
Diff from cookieandscream via github.
|
| |
|
|
|
|
|
| |
for the server, rather than on the context for the connection. This makes
more sense than the current behaviour does.
Issue reported by Tim van der Molen.
|
| |
|
|
|
|
|
| |
dance handling code. This means that we get slightly useful messages when
a TLS connection or accept fails.
Requested by reyk@
|
| |
|
|
|
|
| |
failures return something that is actually useful to the caller.
ok reyk@
|
| |
|
|
|
| |
As discussed with beck@ jsing@ and others
OK beck@
|
| |
|
|
|
|
|
|
|
|
| |
libtls accepts size_t for lengths but libssl accepts int. This verifies
that the input does not exceed INT_MAX. It also avoids truncating size_t
when comparing with int and adds printf-style attributes for
tls_set_error().
with input from deraadt@ and tedu@
ok tedu@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove direct calls to printf from the tls_check_hostname() path. This allows
NUL byte error messages to bubble up to the caller, to be logged in a
program-appropriate way. It also removes non-portable calls to getprogname().
The semantics of tls_error() are changed slightly: the last error message is
not necessarily preserved between subsequent calls into the library.
When the previous call to libtls succeeds, client programs should treat the
return value of tls_error() as undefined.
ok tedu@
|
|
|
distinguish between LibreSSL (the project) and libressl (the library).
Discussed with many.
|
