path: root/src/lib/libtls/tls_server.c
Commit message | Author | Age | Files | Lines
* Provide a tls_accept_fds() function, which allows a TLS connection to be accepted via an existing pair of file descriptors. Based on a diff from Jan Klemkow.
  Author: jsing | Age: 2015-03-31 | Files: 1 | Lines: -5/+16
* Store errors that occur during a tls_accept_socket() call on the context for the server, rather than on the context for the connection. This makes more sense than the current behaviour does. Issue reported by Tim van der Molen.
  Author: jsing | Age: 2015-03-31 | Files: 1 | Lines: -2/+2
* Convert tls_connect_fds() and tls_accept_socket() to the new OpenSSL error dance handling code. This means that we get slightly useful messages when a TLS connection or accept fails. Requested by reyk@
  Author: jsing | Age: 2015-02-07 | Files: 1 | Lines: -11/+6
* Add tls_config_set_dheparams() to allow specification of the parameters to use for DHE. This enables the use of DHE cipher suites. Rename tls_config_set_ecdhcurve() to tls_config_set_ecdhecurve() since it is only used to specify the curve for ephemeral ECDH. Discussed with reyk@
  Author: jsing | Age: 2015-02-07 | Files: 1 | Lines: -5/+10
* Make the TLS connect and accept error messages consistent. OK jsing@
  Author: bluhm | Age: 2015-01-30 | Files: 1 | Lines: -3/+2
* The SSL/TLS session Id context is limited to 32 bytes. Instead of using the name of relayd relay or smtpd pki, use a 32 byte arc4random buffer that should be unique for the context. This fixes an issue in OpenSMTPD when a long pki name could break the configuration. OK gilles@ benno@
  Author: reyk | Age: 2015-01-16 | Files: 1 | Lines: -1/+13
* Rename libressl to libtls to avoid confusion and to make it easier to distinguish between LibreSSL (the project) and libressl (the library). Discussed with many.
  Author: jsing | Age: 2014-10-31 | Files: 1 | Lines: -0/+134