path: root/src/lib/libtls/tls_conninfo.c
Commit message [Author, Age, Files, Lines]
* Remove memset that was made redundant with the ASN1_time_parse()
  fix in libcrypto/asn1/a_time_tm.c r1.16. Suggested by jsing
  [tb, 2021-01-05, 1 file, -4/+1]
* Provide tls_conn_cipher_strength().
  This returns the strength in bits of the symmetric cipher used for the connection. Diff from gilles@ ok tb@
  [jsing, 2019-11-02, 1 file, -1/+10]
* Tidy/standardise some code.
  [jsing, 2018-02-10, 1 file, -6/+3]
* Remove NULL check from tls_conninfo_cert_pem() - all of the other conninfo
  functions require the conninfo passed in to be non-NULL.
  [jsing, 2018-02-10, 1 file, -3/+1]
* Add support to libtls for client-side TLS session resumption.
  A libtls client can specify a session file descriptor (a regular file with appropriate ownership and permissions) and libtls will manage reading and writing of session data across TLS handshakes. Discussed at length with deraadt@ and tedu@. Rides previous minor bump. ok beck@
  [jsing, 2018-02-10, 1 file, -1/+20]
* Do not bother NULLing pointers in a struct that is about to be freed.
  [jsing, 2018-02-08, 1 file, -10/+1]
* Make the symbol for ASN1_time_tm_clamp_notafter visible so libtls
  can get at it, so libtls can also deal with notafter's past the realm of 32 bit time in portable
  [beck, 2017-08-27, 1 file, -1/+5]
* Add tls_peer_cert_chain_pem - To retrieve the peer certificate and chain
  as PEM format. This allows for it to be used or examined with tools external to libtls bump minor ok jsing@
  [beck, 2017-04-05, 1 file, -1/+51]
* Internal changes to allow for relayd engine privsep. sends the hash of the
  public key as an identifier to RSA, and adds a function for relayd to use to disable private key checking when doing engine privsep. ok jsing@
  [beck, 2017-04-05, 1 file, -25/+7]
* Avoid leaking conninfo servername.
  Issue found by and fix from Shuo Chen <chenshuo at chenshuo dot com>.
  [jsing, 2017-01-09, 1 file, -1/+3]
* make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hidden
  functions. document with a man page. bump majors on libtls, libssl, libcrypto ok jsing@ guenther@
  [beck, 2016-11-04, 1 file, -3/+3]
* Various clean up and reorganisation of the connection info handling code.
  In particular, rename tls_free_conninfo() to tls_conninfo_free() and make it a real free function. Rename tls_get_conninfo() to tls_conninfo_populate() and have it allocate the struct tls_conninfo (after freeing any existing one). ok beck@
  [jsing, 2016-08-22, 1 file, -58/+89]
* Provide an API that enables server side SNI support - add the ability to
  provide additional keypairs (via tls_config_add_keypair_{file,mem}()) and allow the server to determine what servername the client requested (via tls_conn_servername()). ok beck@
  [jsing, 2016-08-22, 1 file, -1/+14]
* Fix some style(9) issues.
  [jsing, 2016-08-15, 1 file, -3/+6]
* Add ALPN support to libtls.
  ok beck@ doug@
  [jsing, 2016-08-12, 1 file, -1/+34]
* Revert previous since it adds new symbols.
  Requested by deraadt@
  [jsing, 2016-08-02, 1 file, -34/+1]
* Add ALPN support to libtls.
  ok beck@ doug@
  [jsing, 2016-08-01, 1 file, -1/+34]
* Add tls_peer_cert_notbefore and tls_peer_cert_notafter to expose peer
  certificate validity times for tls connections. ok jsing@
  [beck, 2015-10-07, 1 file, -1/+35]
* Allow us to get cipher and version even if there is not a peer certificate.
  ok doug@
  [beck, 2015-10-07, 1 file, -10/+15]
* Explicit NULL checks and style(9) tweaks.
  [jsing, 2015-09-28, 1 file, -7/+7]
* add visibility of cipher and connection version strings
  ok jsing@
  [beck, 2015-09-13, 1 file, -1/+27]
* Move connection info into its own private structure allocated and filled in
  at handshake time. change accessors to return const char * to remove need for caller to free memory. ok jsing@
  [beck, 2015-09-12, 1 file, -0/+149]