| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Switch to pthread_mutex_init(). | jsing | 2019-04-04 | 1 | -3/+5 |
| * | Add a mutex to guard reference counting for tls_config. | jsing | 2019-04-01 | 1 | -2/+9 |
| * | remove duplicate set key file call. from alf. | tedu | 2019-03-27 | 1 | -3/+1 |
| * | expose the default cert file as a function, not a define. it's really | tedu | 2018-11-29 | 1 | -1/+9 |
| * | Correct tls_config_clear_keys() behaviour. | jsing | 2018-04-07 | 1 | -5/+2 |
| * | Avoid potentially calling strchr() on a NULL pointer in | jsing | 2018-03-20 | 1 | -7/+6 |
| * | Automatically handle library initialisation for libtls. | jsing | 2018-03-19 | 1 | -2/+11 |
| * | Move the keypair pubkey hash handling code to during config. | jsing | 2018-02-10 | 1 | -7/+11 |
| * | Add support to libtls for client-side TLS session resumption. | jsing | 2018-02-10 | 1 | -1/+40 |
| * | Split keypair handling out into its own file - it had already appeared | jsing | 2018-02-08 | 1 | -125/+6 |
| * | Be consistent with the goto label names used in libtls code. | jsing | 2018-02-05 | 1 | -10/+10 |
| * | Make tls_config_parse_protocols() work correctly when passed a NULL pointer | jsing | 2017-12-09 | 1 | -3/+5 |
| * | If tls_config_parse_protocols() is called with a NULL pointer, return the | jsing | 2017-09-25 | 1 | -1/+4 |
| * | Add a tls_config_set_ecdhecurves() function to libtls, which allows the | jsing | 2017-08-10 | 1 | -12/+72 |
| * | Don't use tls_cert_hash for the hashing used by the engine offloading magic | claudio | 2017-08-09 | 1 | -2/+2 |
| * | Add support for providing CRLs to libtls - once a CRL is provided we | jsing | 2017-07-06 | 1 | -1/+17 |
| * | Perform reference counting for tls_config. This allows tls_config_free() to | jsing | 2017-05-06 | 1 | -1/+6 |
| * | use freezero() instead of memset/explicit_bzero + free. Substantially | deraadt | 2017-05-02 | 1 | -4/+2 |
| * | Add a tls_keypair_clear_key() function that uses freezero() to make key | jsing | 2017-04-30 | 1 | -5/+11 |
| * | Internal changes to allow for relayd engine privsep. sends the hash of the | beck | 2017-04-05 | 1 | -1/+8 |
| * | Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may be | beck | 2017-01-31 | 1 | -14/+99 |
| * | Move the ocsp staple to being part of the keypair structure internally, | beck | 2017-01-29 | 1 | -5/+21 |
| * | Introduce ticket support. To enable them it is enough to set a positive | claudio | 2017-01-24 | 1 | -1/+101 |
| * | Change the return value of tls_config_set_protocols() and | jsing | 2016-11-11 | 1 | -5/+11 |
| * | Add support for server side OCSP stapling to libtls. | beck | 2016-11-05 | 1 | -1/+15 |
| * | Make the tls_keypair_new() function a valid prototype. | jsing | 2016-11-04 | 1 | -2/+2 |
| * | Avoid another signed vs unsigned comparison. | jsing | 2016-11-04 | 1 | -2/+6 |
| * | Add ocsp_require_stapling config option for tls - allows a connection | beck | 2016-11-04 | 1 | -1/+7 |
| * | Provide an API that enables server side SNI support - add the ability to | jsing | 2016-08-22 | 1 | -1/+57 |
| * | Avoid leaking memory if tls_config_set_alpn() is called multiple times | jsing | 2016-08-13 | 1 | -4/+5 |
| * | Load CA, certificate and key files into memory when the appropriate | jsing | 2016-08-13 | 1 | -13/+68 |
| * | Add ALPN support to libtls. | jsing | 2016-08-12 | 1 | -1/+68 |
| * | Revert previous since it adds new symbols. | jsing | 2016-08-02 | 1 | -69/+1 |
| * | Add ALPN support to libtls. | jsing | 2016-08-01 | 1 | -1/+69 |
| * | Split the existing TLS cipher suite groups into four: | jsing | 2016-07-13 | 1 | -3/+7 |
| * | Revert previous - it introduces problems with a common privsep use case. | jsing | 2016-07-07 | 1 | -68/+11 |
| * | Check that the given ciphers string is syntactically valid and results in | jsing | 2016-07-06 | 1 | -1/+17 |
| * | Always load CA, key and certificate files at the time the configuration | jsing | 2016-07-06 | 1 | -11/+68 |
| * | Rename some of the internal error setting functions to more closely follow | jsing | 2016-05-27 | 1 | -3/+3 |
| * | Avoid leaking ca_mem when freeing a tls_config. | jsing | 2016-05-27 | 1 | -1/+2 |
| * | Factor our the keypair handling in libtls. This results in more readable | jsing | 2016-04-28 | 1 | -14/+100 |
| * | Rework the error handling in libtls so that we can associate errors with | jsing | 2016-04-28 | 1 | -3/+15 |
| * | clean some ugly intendation warts | deraadt | 2015-09-29 | 1 | -2/+2 |
| * | Provide tls_config_insecure_noverifytime() in order to be able to disable | jsing | 2015-09-14 | 1 | -1/+8 |
| * | Add support for preferring the server's cipher list or the client's cipher | jsing | 2015-09-10 | 1 | -1/+15 |
| * | Indent labels with a space so that diff -p is more friendly. | jsing | 2015-09-09 | 1 | -2/+2 |
| * | Add client certificate support. Still needs a few tweaks but this will | beck | 2015-09-09 | 1 | -1/+13 |
| * | Rename tls_config_insecure_noverifyhost() to | jsing | 2015-02-22 | 1 | -6/+5 |
| * | Check return values when setting dheparams and ecdhecurve for the default | jsing | 2015-02-22 | 1 | -11/+14 |
| * | In the interests of being secure by default, make the default TLS ciphers | jsing | 2015-02-22 | 1 | -1/+13 |
