index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
lib
/
libtls
/
tls.c
Age
Commit message (
Expand
)
Author
2017-01-26
Use a flag to track when we need to call SSL_shutdown(). This avoids an
Joel Sing
2017-01-22
Disable session cache and tickets by default.
Claudio Jeker
2017-01-13
whitespace
Theo de Raadt
2017-01-03
If certificate verification has been disabled, do not attempt to load a
Joel Sing
2017-01-03
Revert previous - the original code was correct since X509_verify_cert()
Joel Sing
2017-01-02
fix cert verify. a cert with an alt chain may verify but leave an error
Ted Unangst
2016-12-26
Hook up a certificate verify callback so that we can set user friendly
Joel Sing
2016-11-05
rename ocsp_ctx to ocsp
Bob Beck
2016-11-03
Only set an error from libssl related code, if an error has not already
Joel Sing
2016-11-02
Add OCSP client side support to libtls.
Bob Beck
2016-09-04
Add callback-based interface to libtls.
Brent Cook
2016-08-22
Various clean up and reorganisation of the connection info handling code.
Joel Sing
2016-08-22
Create contexts for server side SNI - these include the additional SSL_CTX
Joel Sing
2016-08-15
Explicitly pass in an SSL_CTX * to the functions that operate on one,
Joel Sing
2016-08-13
Load CA, certificate and key files into memory when the appropriate
Joel Sing
2016-08-12
Add ALPN support to libtls.
Joel Sing
2016-08-02
Revert previous since it adds new symbols.
Joel Sing
2016-08-01
Add ALPN support to libtls.
Joel Sing
2016-07-07
Revert previous - it introduces problems with a common privsep use case.
Joel Sing
2016-07-06
Always load CA, key and certificate files at the time the configuration
Joel Sing
2016-07-06
Correctly handle an EOF that occurs prior to the TLS handshake completing.
Joel Sing
2016-05-27
Rename some of the internal error setting functions to more closely follow
Joel Sing
2016-04-28
Factor our the keypair handling in libtls. This results in more readable
Joel Sing
2016-04-28
Rework the error handling in libtls so that we can associate errors with
Joel Sing
2016-01-18
Call BIO_sock_init() from tls_init() to ensure sockets are enabled on Windows.
Brent Cook
2015-10-07
Allow us to get cipher and version even if there is not a peer certificate.
Bob Beck
2015-09-29
clean some ugly intendation warts
Theo de Raadt
2015-09-14
Provide tls_config_insecure_noverifytime() in order to be able to disable
Joel Sing
2015-09-14
Expose EOF without close-notify via tls_close().
Joel Sing
2015-09-14
Return an error if tls_handshake() or tls_close() is called on a context
Joel Sing
2015-09-13
work around the stupid semantics of SSL_read and SSL_write to make sure
Bob Beck
2015-09-13
Don't leak conninfo - spotted by marko kreen.
Bob Beck
2015-09-12
Move connection info into it's own private structure allocated and filled in
Bob Beck
2015-09-12
Ensure that we clear the libssl error stack before we make a function call
Joel Sing
2015-09-11
Store a reference to the peer certificate (if any) upon completion of the
Joel Sing
2015-09-10
Call tls_set_errorx() instead of tls_set_error() in
Joel Sing
2015-09-10
comment for errno clobbering, to indicate why we do this.
Bob Beck
2015-09-10
change TLS_READ_AGAIN to TLS_WANT_POLLIN and TLS_WRITE_AGAIN to TLS_WANT_POLLOUT
Bob Beck
2015-09-10
Change tls_read and tls_write semantics to return an ssize_t to better
Bob Beck
2015-09-10
Split tls_handshake() out from tls_accept/tls_connect. By doing this the
Joel Sing
2015-09-09
Indent labels with a space so that diff -p is more friendly.
Joel Sing
2015-09-09
Add client certificate support. Still needs a few tweaks but this will
Bob Beck
2015-09-09
always clear errno when coming back from tls_read tls_write, and tls_close.
Bob Beck
2015-09-09
nuke trailing whitespace
Bob Beck
2015-08-27
Improve libtls error messages.
Joel Sing
2015-08-27
Split the persistent/configuration flags from temporary state flags and
Joel Sing
2015-08-22
Make tls_read()/tls_write always set outlen to zero on error - this got
Joel Sing
2015-07-18
Set SSL_MODE_ENABLE_PARTIAL_WRITE and SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
Alexander Bluhm
2015-04-15
Treat SSL_ERROR_ZERO_RETURN as a success, rather than a failure. Also
Joel Sing
2015-04-15
Make tls_close() more robust - do not rely on a close notify being received
Joel Sing
[next]