| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
added associated to a keypair used for SNI, and are usable for more than
just the "main" certificate. Modify httpd to use this.
Bump libtls minor.
ok jsing@
|
| |
|
|
|
|
|
| |
so that it does not send back bogus staples when SNI is in use.
(Further change is required to be able to use staples on all keypairs
and not just the main one)
ok jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
lifetime with tls_config_set_session_lifetime(). This enables tickets
and uses an internal automatic rekeying mode for the ticket keys.
If multiple processes are involved the following functions can be used to make
tickets work accross all instances:
- tls_config_set_session_id() sets the session identifier
- tls_config_add_ticket_key() adds an encryption and authentication key
For now only the last 4 keys added will be used (unless they are too old).
If tls_config_add_ticket_key() is used the caller must ensure to add new keys
regularly. It is best to do this 4 times per session lifetime (which is also
the ticket key lifetime).
Since tickets break PFS it is best to minimize the session lifetime according
to needs.
With a lot of help, input and OK beck@, jsing@
|
| |
|
|
|
|
|
|
|
|
| |
tls_config_set_verify_depth() from void to int. This makes them consistent
with all other tls_config_set_* functions and will allow for call time
validation to be implemented.
Rides libtls major bump.
ok beck@
|
| |
|
|
| |
Add support for server side OCSP stapling to netcat.
|
| | |
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
|
| |
to indicate that it requires the peer to provide a stapled OCSP response
with the handshake. Provide a "-T muststaple" for nc that uses it.
ok jsing@, guenther@
|
| |
|
|
|
|
|
|
| |
provide additional keypairs (via tls_config_add_keypair_{file,mem}()) and
allow the server to determine what servername the client requested (via
tls_conn_servername()).
ok beck@
|
| |
|
|
| |
(this was in the original commit, but got reverted in the recommit).
|
| |
|
|
|
|
|
|
|
|
| |
tls_config_set_*_file() function is called. This allows us to immediately
propagate useful error messages, play more nicely with privsep/pledge and
have a single code path. Instead of always loading the default CA when
tls_config_new() is called, defer and only load the default CA when
tls_configure() is invoked, if a CA has not already been specified.
ok beck@ bluhm@
|
| |
|
|
| |
ok beck@ doug@
|
| |
|
|
| |
Requested by deraadt@
|
| |
|
|
| |
ok beck@ doug@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
"secure" (TLSv1.2+AEAD+PFS)
"compat" (HIGH:!aNULL)
"legacy" (HIGH:MEDIUM:!aNULL)
"insecure" (ALL:!aNULL:!eNULL)
This allows for flexibility and finer grained control, rather than having
two extremes (an issue raised by Marko Kreen some time ago).
ok beck@ tedu@
|
| | |
|
| |
|
|
|
|
| |
at least one matching cipher suite.
ok doug@
|
| |
|
|
|
|
|
|
|
|
| |
function is called. This simplifies code and results in a single memory
based code path being used to provide data to libssl. Errors that occur
when accessing the specified file are now detected and propagated
immediately. Since the file access now occurs when the configuration
function is called, we now play nicely with privsep/pledge.
ok beck@ bluhm@ doug@
|
| |
|
|
|
|
| |
existing naming standards. Also provide functions for setting a struct
tls_error * directly (rather than having to have a struct tls * or a
struct tls_config *).
|
| | |
|
| |
|
|
|
|
|
|
|
| |
and self-contained code, while preparing for the ability to handle
multiple keypairs. Also provide two additional functions that allow
a public certificate and private key to be set with a single function
call.
ok beck@
|
| |
|
|
|
|
|
|
|
|
|
| |
both configuration and contexts. This allows us to propagate errors that
occur during configuration, rather than either just failing with no reason
or delaying the failure until it can be propagated via the tls context.
Also provide a tls_config_error() function for retrieving the last error
from a tls_config *.
ok bcook@
|
| | |
|
| |
|
|
|
|
| |
certificate validity checking.
ok beck@
|
| |
|
|
|
|
|
|
| |
list. Prefer the server's cipher list by default.
Based on a diff from Kyle Thompson <jmp at giga dot moe>.
ok beck@ bcook@
|
| |
|
|
| |
Requested by bluhm@
|
| |
|
|
|
| |
ride upcoming minor bump
ok jsing@
|
| |
|
|
|
|
|
| |
tls_config_insecure_noverifyname(), so that it is more accurate and keeps
inline with the distinction between DNS hostname and server name.
Requested by tedu@ during s2k15.
|
| |
|
|
| |
configuration.
|
| |
|
|
|
|
|
| |
be those that are TLSv1.2 with AEAD and PFS. Provide a "compat" mode that
allows the previous default ciphers to be selected.
Discussed with tedu@ during s2k15.
|
| |
|
|
|
|
|
|
|
| |
to be converted into a libtls protocols value. This allows for things like:
"tlsv1.0,tlsv1.1" (TLSv1.0 and TLSv1.1)
"all,!tlsv1.0" (all protocols except TLSv1.0)
Discussed with tedu@ and reyk@
|
| |
|
|
| |
Found by reyk@
|
| |
|
|
|
|
|
|
|
|
| |
to an actual host and use "servername" when referring to the name of the
TLS server that we expect to be indentified in the server certificate.
Likewise, rename verify_host to verify_name and use the term "name"
throughout the verification code (rather than host or hostname).
Requested by and ok tedu@
|
| |
|
|
|
|
|
|
|
| |
use for DHE. This enables the use of DHE cipher suites.
Rename tls_config_set_ecdhcurve() to tls_config_set_ecdhecurve() since it
is only used to specify the curve for ephemeral ECDH.
Discussed with reyk@
|
| |
|
|
|
|
|
|
| |
specifying a file. This enables CA verification in privsep'ed
processes that are running chroot'ed without direct access to the
certificate files.
With feedback, tests, and OK from bluhm@
|
|
|
distinguish between LibreSSL (the project) and libressl (the library).
Discussed with many.
|
