summaryrefslogtreecommitdiff
path: root/src/lib/libtls (follow)
Commit message (Expand)AuthorAgeFilesLines
* Remove OpenSSL engine RSAX.doug2015-07-191-1/+1
* tweak previous; ok dougjmc2015-07-191-4/+4
* Crank the major of libtls: the behaviour of tls_write() has beenreyk2015-07-191-1/+1
* Add documentation on how to use TLS_{READ,WRITE}_AGAIN.doug2015-07-191-2/+29
* Set SSL_MODE_ENABLE_PARTIAL_WRITE and SSL_MODE_ACCEPT_MOVING_WRITE_BUFFERbluhm2015-07-181-1/+4
* Crank major for libcrypto, ssl and tls due to MDC-2DES removal.doug2015-06-201-2/+2
* Add standard headers, C++ support to tls.h.bcook2015-06-191-1/+12
* Link ssl and crypto via BSDOBJDIR, works with native and cross buildstobiasu2015-06-051-3/+3
* Record inter-library dependencies between libcrypto, libssl and libtlskettenis2015-05-171-1/+4
* Reject dNSName of " " for subjectAltName extension.doug2015-04-291-1/+20
* Treat SSL_ERROR_ZERO_RETURN as a success, rather than a failure. Alsojsing2015-04-151-5/+6
* Make tls_close() more robust - do not rely on a close notify being receivedjsing2015-04-151-13/+17
* comma fix;jmc2015-04-031-3/+3
* Handle the case where multiple calls to SSL_shutdown() are required tojsing2015-04-022-8/+14
* Correct man page title.jsing2015-04-021-2/+2
* Document the fact that the tls_accept_*() functions can returnjsing2015-04-021-7/+11
* Bump libtls minor due to API addition.jsing2015-03-311-1/+1
* Provide a tls_accept_fds() function, which allows a TLS connection to bejsing2015-03-314-9/+39
* Store errors that occur during a tls_accept_socket() call on the contextjsing2015-03-314-11/+12
* free the server certificate in tls_connect_fds(); fixes a memory leak withsthen2015-03-211-1/+2
* Prefix function parameter names with underscores in tls.h, since this makesjsing2015-02-261-42/+44
* Bump libtls major due to symbol removal.jsing2015-02-221-3/+2
* Rename tls_config_insecure_noverifyhost() tojsing2015-02-224-21/+20
* Check return values when setting dheparams and ecdhecurve for the defaultjsing2015-02-221-11/+14
* In the interests of being secure by default, make the default TLS ciphersjsing2015-02-222-2/+17
* explain how tls_accept_socket works.tedu2015-02-211-2/+9
* tls_config_set_protocols is really void. Greg Martin.tedu2015-02-211-3/+3
* fill out docs a bit more, notably the read/write again behaviors.tedu2015-02-211-3/+27
* s/tls_load_keys/tls_load_file/jsing2015-02-151-2/+2
* Document tls_config_parse_protocols() and update documentation forjsing2015-02-152-5/+27
* bump minor for TLS_PROTOCOLS_ALL. OK jsing@reyk2015-02-121-1/+1
* Add a tls_config_parse_protocols() function that allows a protocols stringjsing2015-02-122-2/+63
* Fix handling of "legacy" mode for tls_config_set_dheparams().jsing2015-02-121-2/+2
* Change TLS_PROTOCOLS_DEFAULT to be TLSv1.2 only. Add a TLS_PROTOCOLS_ALLjsing2015-02-121-2/+4
* Provide a tls_connect_servername() function that has the same behaviourjsing2015-02-114-6/+27
* Be consistent with naming - only use "host" and "hostname" when referringjsing2015-02-116-60/+61
* When parsing the host in tls_connect(), first check if it is a numericreyk2015-02-091-29/+49
* Use the AI_ADDRCONFIG flag in tls_connect(). This tells the resolverreyk2015-02-081-1/+2
* Added tls_load_file()reyk2015-02-071-1/+2
* Add manpage bits for tls_load_file() and tls_accept_socket().reyk2015-02-072-2/+28
* Add tls_load_file() as a helper to load certificates or encrypted keysreyk2015-02-072-2/+92
* Convert tls_connect_fds() and tls_accept_socket() to the new OpenSSL errorjsing2015-02-074-26/+16
* Add tls_config_set_dheparams() to allow specification of the parameters tojsing2015-02-077-22/+53
* Attempt to implement the OpenSSL error dance so that TLS read/writejsing2015-02-071-29/+61
* Rename SSL_CTX_use_certificate_chain() to SSL_CTX_use_certificate_chain_mem().reyk2015-02-061-2/+2
* Make the TLS connect and accept error messages consistent.bluhm2015-01-302-5/+4
* last entry in NAME should not have a trailing comma;jmc2015-01-221-2/+2
* Add MLINK for tls_config_set_ca_mem()reyk2015-01-221-1/+2
* Allow to to load the CA chain directly from memory instead ofreyk2015-01-226-8/+39
* The SSL/TLS session Id context is limited to 32 bytes. Instead ofreyk2015-01-161-1/+13