| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
so that it does not send back bogus staples when SNI is in use.
(Further change is required to be able to use staples on all keypairs
and not just the main one)
ok jsing@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
| |
Add support for server side OCSP stapling to netcat.
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
| |
functions.. document with a man page.
bump majors on libtls, libssl, libcrypto
ok jsing@ guenther@
|
| |
|
|
|
|
| |
to indicate that it requires the peer to provide a stapled OCSP response
with the handshake. Provide a "-T muststaple" for nc that uses it.
ok jsing@, guenther@
|
| |
|
|
|
| |
or certificate validation.
ok jsing@
|
| |
|
|
|
| |
split out internals of OCSP verification to allow callback
to verify before TLS handshake is complete
|
| |
|
|
| |
ok jsing@
|
| |
|
|
| |
ok jsing@
|
|
|
- Provide access to certificate OCSP URL
- Provide ability to check a raw OCSP reply against an
established TLS ctx
- Check and validate OCSP stapling info in the TLS handshake
if a stapled OCSP response is provided.`
Add example code to show OCSP URL and stapled info
into netcat.
ok jsing@
|
