| Age | Commit message (Expand) | Author |
|---|
| 2018-11-29 | expose the default cert file as a function, not a define. it's really | Ted Unangst |
| 2018-11-06 | Define TLS_CA_CERT_FILE rather than having every application create their | Joel Sing |
| 2018-04-07 | Switch to OPENSSL_init_ssl() and prevent an openssl configuration file from | Joel Sing |
| 2018-03-19 | Automatically handle library initialisation for libtls. | Joel Sing |
| 2018-03-08 | un-revert tls_init pthread_once change, now that stub is added so that builds... | Bob Beck |
| 2018-03-07 | backout. diff was not tested comprehensively, resulting in a broken tree. | Theo de Raadt |
| 2018-03-07 | Make tls_init() concurrently callable using pthread_once(). | Bob Beck |
| 2018-02-10 | Move the keypair pubkey hash handling code to during config. | Joel Sing |
| 2018-02-08 | Have tls_keypair_pubkey_hash() call tls_keypair_load_cert() instead of | Joel Sing |
| 2018-02-08 | Move tls_keypair_pubkey_hash() to the keypair file. | Joel Sing |
| 2018-02-08 | Avoid a memory leak that results when the same tls_config is reused. | Joel Sing |
| 2017-09-20 | Keep track of which keypair is in use by a TLS context. | Joel Sing |
| 2017-08-28 | Fix unchecked return nit | Bob Beck |
| 2017-08-09 | Don't use tls_cert_hash for the hashing used by the engine offloading magic | Claudio Jeker |
| 2017-07-06 | Add support for providing CRLs to libtls - once a CRL is provided we | Joel Sing |
| 2017-06-22 | Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that | Joel Sing |
| 2017-06-22 | Fix incorrect indentation. | Joel Sing |
| 2017-06-22 | Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60. | Joel Sing |
| 2017-06-22 | Remove dead code that has remained hiding since ressl.c r1.14! | Joel Sing |
| 2017-05-07 | Return an error if tls_handshake() is called on a TLS context that has | Joel Sing |
| 2017-05-06 | Perform reference counting for tls_config. This allows tls_config_free() to | Joel Sing |
| 2017-04-05 | Add tls_peer_cert_chain_pem - To retreive the peer certificate and chain | Bob Beck |
| 2017-04-05 | Internal changes to allow for relayd engine privsep. sends the hash of the | Bob Beck |
| 2017-01-26 | Use a flag to track when we need to call SSL_shutdown(). This avoids an | Joel Sing |
| 2017-01-22 | Disable session cache and tickets by default. | Claudio Jeker |
| 2017-01-13 | whitespace | Theo de Raadt |
| 2017-01-03 | If certificate verification has been disabled, do not attempt to load a | Joel Sing |
| 2017-01-03 | Revert previous - the original code was correct since X509_verify_cert() | Joel Sing |
| 2017-01-02 | fix cert verify. a cert with an alt chain may verify but leave an error | Ted Unangst |
| 2016-12-26 | Hook up a certificate verify callback so that we can set user friendly | Joel Sing |
| 2016-11-05 | rename ocsp_ctx to ocsp | Bob Beck |
| 2016-11-03 | Only set an error from libssl related code, if an error has not already | Joel Sing |
| 2016-11-02 | Add OCSP client side support to libtls. | Bob Beck |
| 2016-09-04 | Add callback-based interface to libtls. | Brent Cook |
| 2016-08-22 | Various clean up and reorganisation of the connection info handling code. | Joel Sing |
| 2016-08-22 | Create contexts for server side SNI - these include the additional SSL_CTX | Joel Sing |
| 2016-08-15 | Explicitly pass in an SSL_CTX * to the functions that operate on one, | Joel Sing |
| 2016-08-13 | Load CA, certificate and key files into memory when the appropriate | Joel Sing |
| 2016-08-12 | Add ALPN support to libtls. | Joel Sing |
| 2016-08-02 | Revert previous since it adds new symbols. | Joel Sing |
| 2016-08-01 | Add ALPN support to libtls. | Joel Sing |
| 2016-07-07 | Revert previous - it introduces problems with a common privsep use case. | Joel Sing |
| 2016-07-06 | Always load CA, key and certificate files at the time the configuration | Joel Sing |
| 2016-07-06 | Correctly handle an EOF that occurs prior to the TLS handshake completing. | Joel Sing |
| 2016-05-27 | Rename some of the internal error setting functions to more closely follow | Joel Sing |
| 2016-04-28 | Factor our the keypair handling in libtls. This results in more readable | Joel Sing |
| 2016-04-28 | Rework the error handling in libtls so that we can associate errors with | Joel Sing |
| 2016-01-18 | Call BIO_sock_init() from tls_init() to ensure sockets are enabled on Windows. | Brent Cook |
| 2015-10-07 | Allow us to get cipher and version even if there is not a peer certificate. | Bob Beck |
| 2015-09-29 | clean some ugly intendation warts | Theo de Raadt |
