| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
as tls_connect(), however allows the name to use for verification to be
explicitly provided, rather than being inferred from the host value.
Requested by reyk@
ok reyk@ tedu@
|
| |
|
|
|
|
|
|
|
|
| |
to an actual host and use "servername" when referring to the name of the
TLS server that we expect to be indentified in the server certificate.
Likewise, rename verify_host to verify_name and use the term "name"
throughout the verification code (rather than host or hostname).
Requested by and ok tedu@
|
| |
|
|
|
|
|
|
| |
The tls_accept_socket() has been previously removed because the API is
not fixed yet; but it is also already used by httpd(8) and spamd(8) so
it is time to add it again and eventually change it later.
OK tedu@
|
| |
|
|
|
|
|
|
|
| |
use for DHE. This enables the use of DHE cipher suites.
Rename tls_config_set_ecdhcurve() to tls_config_set_ecdhecurve() since it
is only used to specify the curve for ephemeral ECDH.
Discussed with reyk@
|
| | |
|
| |
|
|
|
|
|
|
| |
specifying a file. This enables CA verification in privsep'ed
processes that are running chroot'ed without direct access to the
certificate files.
With feedback, tests, and OK from bluhm@
|
| |
|
|
|
| |
because the API design isn't fully settled.
Requested by jsing@ and tedu@.
|
| |
|
|
| |
patch from Sunil at Nimmagadda dot net
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
established using a pair of existing file descriptors.
Based on a diff/request from Jan Klemkow.
Rides previous libtls rename/library bump.
Discussed with tedu@.
|
|
|
distinguish between LibreSSL (the project) and libressl (the library).
Discussed with many.
|
