summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_server.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* Add TLS_ERROR_INVALID_CONTEXT error code to libtlsjoshua2024-03-261-3/+4
* Add error code support to libtlsjoshua2024-03-261-20/+34
* add missing #include <string.h>; ok tb@op2023-05-141-1/+3
* Check function return value in libtlsinoguchi2022-01-191-9/+21
* Use SSL_AD_INTERNAL_ERRORtb2021-06-141-2/+2
* Remove unnecessary cast in free.tb2021-06-011-2/+2
* Acquire mutex before incrementing the refcount. Fixes COV-186144bcook2019-05-131-1/+3
* Automatically handle library initialisation for libtls.jsing2018-03-191-1/+4
* Split keypair handling out into its own file - it had already appearedjsing2018-02-081-38/+1
* Keep track of which keypair is in use by a TLS context.jsing2017-09-201-1/+5
* Add a tls_config_set_ecdhecurves() function to libtls, which allows thejsing2017-08-101-11/+5
* RFC 6066 states that IP literals are not permitted in "HostName" for ajsing2017-07-051-3/+9
* Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so thatjsing2017-06-221-2/+3
* Use the standard `rv' idiom in tls_keypair_load_cert(), rather thanjsing2017-06-221-5/+4
* Perform reference counting for tls_config. This allows tls_config_free() tojsing2017-05-061-1/+3
* Rework name verification code so that a match is indicated via an argument,jsing2017-04-101-3/+8
* Disable client-initiated renegotiation for libtls servers.jsing2017-01-311-1/+3
* Use a flag to track when we need to call SSL_shutdown(). This avoids anjsing2017-01-261-1/+3
* Introduce ticket support. To enable them it is enough to set a positiveclaudio2017-01-241-10/+86
* If tls_set_cbs() fails an error will already be specified, so do notjsing2017-01-121-4/+2
* Set the callback on the correct ssl_ctx for the SNI case, instead ofbeck2016-11-061-2/+2
* Add support for server side OCSP stapling to libtls.beck2016-11-051-1/+7
* Avoid shadowing the socket global.jsing2016-11-041-3/+3
* Set callbacks on the right tls ctx on accept.bcook2016-09-141-2/+2
* Maintain consistency with function naming.jsing2016-09-041-4/+4
* Add callback-based interface to libtls.bcook2016-09-041-10/+50
* Create contexts for server side SNI - these include the additional SSL_CTXjsing2016-08-221-1/+133
* Split out the TLS server SSL_CTX allocation and configuration code, sojsing2016-08-181-19/+37
* Explicitly pass in an SSL_CTX * to the functions that operate on one,jsing2016-08-151-4/+5
* Add ALPN support to libtls.jsing2016-08-121-1/+19
* Revert previous since it adds new symbols.jsing2016-08-021-19/+1
* Add ALPN support to libtls.jsing2016-08-011-1/+19
* Factor our the keypair handling in libtls. This results in more readablejsing2016-04-281-2/+2
* clean some ugly intendation wartsderaadt2015-09-291-3/+3
* Ensure that we clear the libssl error stack before we make a function calljsing2015-09-121-1/+3
* actually set return value to 0 on success.beck2015-09-111-1/+2
* Split tls_handshake() out from tls_accept/tls_connect. By doing this thejsing2015-09-101-30/+46
* Add support for preferring the server's cipher list or the client's cipherjsing2015-09-101-1/+5
* Indent labels with a space so that diff -p is more friendly.jsing2015-09-091-3/+3
* Add client certificate support. Still needs a few tweaks but this willbeck2015-09-091-2/+9
* Only take ownership of a socket if we allocated it within libtls. If we arejsing2015-09-091-8/+2
* Improve libtls error messages.jsing2015-08-271-9/+9
* Unify error message between client and server.jsing2015-08-221-2/+2
* SSL_set_app_data is a macro for SSL_set_ex_data(), which is a wrapperjsing2015-08-221-3/+5
* Provide a tls_accept_fds() function, which allows a TLS connection to bejsing2015-03-311-5/+16
* Store errors that occur during a tls_accept_socket() call on the contextjsing2015-03-311-2/+2
* Convert tls_connect_fds() and tls_accept_socket() to the new OpenSSL errorjsing2015-02-071-11/+6
* Add tls_config_set_dheparams() to allow specification of the parameters tojsing2015-02-071-5/+10
* Make the TLS connect and accept error messages consistent.bluhm2015-01-301-3/+2
* The SSL/TLS session Id context is limited to 32 bytes. Instead ofreyk2015-01-161-1/+13