| Commit message | Author | Age | Files | Lines |
|---|---|---|---|---|
| Bump libcrypto/libssl/libtls majors due to libcrypto symbol removal and changes to libssl non-opaque structs. | jsing | 2016-12-21 | 1 | -1/+1 |
| Bump TLS_API due to recent feature additions and changes. | jsing | 2016-11-11 | 1 | -2/+2 |
| Change the return value of tls_config_set_protocols() and tls_config_set_verify_depth() from void to int. This makes them consistent with all other tls_config_set_* functions and will allow for call time validation to be implemented. Rides libtls major bump. ok beck@ | jsing | 2016-11-11 | 3 | -12/+18 |
| Disable ec assembly for amd64 pending fixes for ssh, and bump majors appropriately | beck | 2016-11-11 | 1 | -2/+2 |
| Set the callback on the correct ssl_ctx for the SNI case, instead of the master only. ok jsing@ | beck | 2016-11-06 | 1 | -2/+2 |
| fix misplaced quote by tls_peer_ocsp_this_update | bcook | 2016-11-05 | 1 | -2/+2 |
| tweak previous; | jmc | 2016-11-05 | 1 | -6/+6 |
| bump minors for symbol addition for ocsp and x25519 symbol additions | beck | 2016-11-05 | 1 | -1/+1 |
| Add support for server side OCSP stapling to libtls. Add support for server side OCSP stapling to netcat. | beck | 2016-11-05 | 7 | -12/+79 |
| rename ocsp_ctx to ocsp ok jsing@ | beck | 2016-11-05 | 3 | -68/+68 |
| Remove generated Symbols.map on make clean. ok guenther@ | jsing | 2016-11-05 | 1 | -1/+3 |
| Build with WARNINGS=Yes. | jsing | 2016-11-04 | 1 | -1/+3 |
| Avoid shadowing the socket global. ok miod@ | jsing | 2016-11-04 | 1 | -3/+3 |
| Make the tls_keypair_new() function a valid prototype. | jsing | 2016-11-04 | 1 | -2/+2 |
| Avoid another signed vs unsigned comparison. ok miod@ | jsing | 2016-11-04 | 1 | -2/+6 |
| Add an explicit list of exported symbols with just the functions declared in <tls.h>, and use __{BEGIN,END}_HIDDEN_DECLS in tls_internal.h to optimize internal functions ok jsing@ | guenther | 2016-11-04 | 3 | -2/+85 |
| make public ASN1_time_parse and ASN1_time_tm_cmp to replace former hidden functions.. document with a man page. bump majors on libtls, libssl, libcrypto ok jsing@ guenther@ | beck | 2016-11-04 | 4 | -10/+7 |
| Address some signed vs unsigned warnings and check that an integer value is positive before passing it to several functions as a size_t. Additionally, in tls_load_file() there is not much point using calloc(), when we're immediately reading into the buffer (having an extra byte for NUL termination seems pointless given the API). ok beck@ miod@ | jsing | 2016-11-04 | 1 | -4/+14 |
| Assign and test, as is consistent with the rest of the libtls code. | jsing | 2016-11-04 | 1 | -7/+4 |
| Use a consistent name for struct bio_cb * variables. | jsing | 2016-11-04 | 1 | -6/+6 |
| Rename struct bio_cb_st to struct bio_cb. | jsing | 2016-11-04 | 1 | -8/+8 |
| Do not cast a pointer to a struct, to a char * when assigning to a void *. | jsing | 2016-11-04 | 1 | -2/+2 |
| Use a consistent name for a BIO *, rather than having four different names in the same file. | jsing | 2016-11-04 | 1 | -49/+51 |
| Avoid signed vs unsigned comparisons. ok miod@ | jsing | 2016-11-04 | 1 | -3/+4 |
| There's not much point having three static functions that do a cast and assign a pointer, when we can just inline the three and do one cast followed by three pointer assignments. | jsing | 2016-11-04 | 1 | -33/+6 |
| Do not mix declarations and code. | jsing | 2016-11-04 | 1 | -3/+7 |
| Rename the internal bio related functions so that they have a common prefix. Makes the code more readable and removes shadowing. | jsing | 2016-11-04 | 1 | -22/+22 |
| There's not much point in casting a void * to a specific type just before calling free(). ok beck@ ingo@ | jsing | 2016-11-04 | 1 | -4/+2 |
| bump minor for ocsp_require_stapling addition | beck | 2016-11-04 | 1 | -1/+1 |
| Add ocsp_require_stapling config option for tls - allows a connection to indicate that it requires the peer to provide a stapled OCSP response with the handshake. Provide a "-T muststaple" for nc that uses it. ok jsing@, guenther@ | beck | 2016-11-04 | 5 | -6/+25 |
| Don't do OCSP validation when we have disabled certificate verification or certificate validation. ok jsing@ | beck | 2016-11-03 | 2 | -5/+8 |
| Only set an error from libssl related code, if an error has not already been set by libtls code. This avoids the situation where a libtls callback has set an error, only to have it replaced by a less useful libssl based error. ok beck@ | jsing | 2016-11-03 | 2 | -7/+47 |
| Fix handshake failures: split out internals of OCSP verification to allow callback to verify before TLS handshake is complete | beck | 2016-11-03 | 1 | -20/+26 |
| bit more cleanup; | jmc | 2016-11-02 | 1 | -9/+9 |
| fix shadow declaration of time in parameter list. ok jsing@ | beck | 2016-11-02 | 1 | -2/+2 |
| Ensure handshake is complete before processing an ocsp response for a ctx ok jsing@ | beck | 2016-11-02 | 1 | -0/+3 |
| tweak previous; | jmc | 2016-11-02 | 1 | -32/+26 |
| bump minor for ocsp api additions | beck | 2016-11-02 | 1 | -1/+1 |
| Add OCSP client side support to libtls. - Provide access to certificate OCSP URL - Provide ability to check a raw OCSP reply against an established TLS ctx - Check and validate OCSP stapling info in the TLS handshake if a stapled OCSP response is provided. Add example code to show OCSP URL and stapled info into netcat. ok jsing@ | beck | 2016-11-02 | 7 | -8/+604 |
| use the same type for buf as the return type in tls_load_file ok tedu@, noted by kinichiro | bcook | 2016-10-03 | 1 | -2/+3 |
| Update ld search path for libssl/libcrypto, fixes cross-build after source moved. from Patrick Wildt | bcook | 2016-09-19 | 1 | -3/+3 |
| Set callbacks on the right tls ctx on accept. From Tobias Pape | bcook | 2016-09-14 | 1 | -2/+2 |
| Handle the FLUSH BIO cntl, that happens at the end of SSL handshakes. from Tobias Pape | bcook | 2016-09-14 | 1 | -1/+2 |
| Allow callback read/write functions to set TLS_WANT_POLLOUT/POLLIN. from Tobias Pape | bcook | 2016-09-14 | 1 | -3/+21 |
| add a little more typing to the first callback argument. it's always a tls context. | tedu | 2016-09-13 | 2 | -7/+7 |
| minor tweaks; | jmc | 2016-09-04 | 1 | -7/+7 |
| Bump TLS_API for addition of callbacks. | jsing | 2016-09-04 | 1 | -2/+2 |
| Maintain consistency with function naming. | jsing | 2016-09-04 | 2 | -8/+8 |
| Sort headers and use the installed tls.h, rather than the local one. | jsing | 2016-09-04 | 1 | -5/+5 |
| $OpenBSD$ tag | jsing | 2016-09-04 | 1 | -1/+1 |