summaryrefslogtreecommitdiff
path: root/lib/libtls/tls.c
AgeCommit message (Expand)Author
2017-08-09Don't use tls_cert_hash for the hashing used by the engine offloading magicClaudio Jeker
2017-07-06Add support for providing CRLs to libtls - once a CRL is provided weJoel Sing
2017-06-22Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so thatJoel Sing
2017-06-22Fix incorrect indentation.Joel Sing
2017-06-22Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60.Joel Sing
2017-06-22Remove dead code that has remained hiding since ressl.c r1.14!Joel Sing
2017-05-07Return an error if tls_handshake() is called on a TLS context that hasJoel Sing
2017-05-06Perform reference counting for tls_config. This allows tls_config_free() toJoel Sing
2017-04-05Add tls_peer_cert_chain_pem - To retreive the peer certificate and chainBob Beck
2017-04-05Internal changes to allow for relayd engine privsep. sends the hash of theBob Beck
2017-01-26Use a flag to track when we need to call SSL_shutdown(). This avoids anJoel Sing
2017-01-22Disable session cache and tickets by default.Claudio Jeker
2017-01-13whitespaceTheo de Raadt
2017-01-03If certificate verification has been disabled, do not attempt to load aJoel Sing
2017-01-03Revert previous - the original code was correct since X509_verify_cert()Joel Sing
2017-01-02fix cert verify. a cert with an alt chain may verify but leave an errorTed Unangst
2016-12-26Hook up a certificate verify callback so that we can set user friendlyJoel Sing
2016-11-05rename ocsp_ctx to ocspBob Beck
2016-11-03Only set an error from libssl related code, if an error has not alreadyJoel Sing
2016-11-02Add OCSP client side support to libtls.Bob Beck
2016-09-04Add callback-based interface to libtls.Brent Cook
2016-08-22Various clean up and reorganisation of the connection info handling code.Joel Sing
2016-08-22Create contexts for server side SNI - these include the additional SSL_CTXJoel Sing
2016-08-15Explicitly pass in an SSL_CTX * to the functions that operate on one,Joel Sing
2016-08-13Load CA, certificate and key files into memory when the appropriateJoel Sing
2016-08-12Add ALPN support to libtls.Joel Sing
2016-08-02Revert previous since it adds new symbols.Joel Sing
2016-08-01Add ALPN support to libtls.Joel Sing
2016-07-07Revert previous - it introduces problems with a common privsep use case.Joel Sing
2016-07-06Always load CA, key and certificate files at the time the configurationJoel Sing
2016-07-06Correctly handle an EOF that occurs prior to the TLS handshake completing.Joel Sing
2016-05-27Rename some of the internal error setting functions to more closely followJoel Sing
2016-04-28Factor our the keypair handling in libtls. This results in more readableJoel Sing
2016-04-28Rework the error handling in libtls so that we can associate errors withJoel Sing
2016-01-18Call BIO_sock_init() from tls_init() to ensure sockets are enabled on Windows.Brent Cook
2015-10-07Allow us to get cipher and version even if there is not a peer certificate.Bob Beck
2015-09-29clean some ugly intendation wartsTheo de Raadt
2015-09-14Provide tls_config_insecure_noverifytime() in order to be able to disableJoel Sing
2015-09-14Expose EOF without close-notify via tls_close().Joel Sing
2015-09-14Return an error if tls_handshake() or tls_close() is called on a contextJoel Sing
2015-09-13work around the stupid semantics of SSL_read and SSL_write to make sureBob Beck
2015-09-13Don't leak conninfo - spotted by marko kreen.Bob Beck
2015-09-12Move connection info into it's own private structure allocated and filled inBob Beck
2015-09-12Ensure that we clear the libssl error stack before we make a function callJoel Sing
2015-09-11Store a reference to the peer certificate (if any) upon completion of theJoel Sing
2015-09-10Call tls_set_errorx() instead of tls_set_error() inJoel Sing
2015-09-10comment for errno clobbering, to indicate why we do this.Bob Beck
2015-09-10change TLS_READ_AGAIN to TLS_WANT_POLLIN and TLS_WRITE_AGAIN to TLS_WANT_POLLOUTBob Beck
2015-09-10Change tls_read and tls_write semantics to return an ssize_t to betterBob Beck
2015-09-10Split tls_handshake() out from tls_accept/tls_connect. By doing this theJoel Sing
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-03 13:04:10 +0000