summaryrefslogtreecommitdiff
path: root/lib/libtls/tls_client.c
AgeCommit message (Expand)Author
2021-10-21Eliminate a dead assignment and a weird cast. Adjust a comment toTheo Buehler
2021-06-01Update RFC reference. RFC 4366 was obsoleted by RFC 6066.Theo Buehler
2021-06-01Avoid sending a trailing dot in SNI as a clientTheo Buehler
2018-03-19Automatically handle library initialisation for libtls.Joel Sing
2018-02-10Add support to libtls for client-side TLS session resumption.Joel Sing
2017-08-10Add a tls_config_set_ecdhecurves() function to libtls, which allows theJoel Sing
2017-05-07Ensure that a client context has been connected before attempting toJoel Sing
2017-04-10Rework name verification code so that a match is indicated via an argument,Joel Sing
2017-01-26Use a flag to track when we need to call SSL_shutdown(). This avoids anJoel Sing
2017-01-12If tls_set_cbs() fails an error will already be specified, so do notJoel Sing
2016-12-26Hook up a certificate verify callback so that we can set user friendlyJoel Sing
2016-11-02Add OCSP client side support to libtls.Bob Beck
2016-09-04Maintain consistency with function naming.Joel Sing
2016-09-04Add callback-based interface to libtls.Brent Cook
2016-08-15Explicitly pass in an SSL_CTX * to the functions that operate on one,Joel Sing
2016-04-28Factor our the keypair handling in libtls. This results in more readableJoel Sing
2015-10-09fix a gotcha in the connect refactoring, that could result in droppingTheo de Raadt
2015-10-08If getaddrinfo() succeeds, then don't try look ups with other flags, evenPhilip Guenther
2015-09-29Instead of declaring a union in multiple places, move it to tls_internal.h.Joel Sing
2015-09-29clean some ugly intendation wartsTheo de Raadt
2015-09-12Ensure that we clear the libssl error stack before we make a function callJoel Sing
2015-09-11add tls_peer functions for checking names and issuers of peer certificates.Bob Beck
2015-09-10Split tls_handshake() out from tls_accept/tls_connect. By doing this theJoel Sing
2015-09-09Indent labels with a space so that diff -p is more friendly.Joel Sing
2015-09-09Add client certificate support. Still needs a few tweaks but this willBob Beck
2015-09-09Only take ownership of a socket if we allocated it within libtls. If we areJoel Sing
2015-09-08Remove the default HTTPS port from tls_connect() - this is a TLS library,Joel Sing
2015-08-27Improve libtls error messages.Joel Sing
2015-08-27Split the persistent/configuration flags from temporary state flags andJoel Sing
2015-08-22SSL_set_app_data is a macro for SSL_set_ex_data(), which is a wrapperJoel Sing
2015-08-22Store a reference to the libtls context in the SSL client connection appJoel Sing
2015-03-31Store errors that occur during a tls_accept_socket() call on the contextJoel Sing
2015-03-21free the server certificate in tls_connect_fds(); fixes a memory leak withStuart Henderson
2015-02-11Provide a tls_connect_servername() function that has the same behaviourJoel Sing
2015-02-11Be consistent with naming - only use "host" and "hostname" when referringJoel Sing
2015-02-09When parsing the host in tls_connect(), first check if it is a numericReyk Floeter
2015-02-08Use the AI_ADDRCONFIG flag in tls_connect(). This tells the resolverReyk Floeter
2015-02-07Convert tls_connect_fds() and tls_accept_socket() to the new OpenSSL errorJoel Sing
2015-01-30Make the TLS connect and accept error messages consistent.Alexander Bluhm
2015-01-22Allow to to load the CA chain directly from memory instead ofReyk Floeter
2015-01-13For non-blocking sockets tls_connect_fds() could fail with EAGAIN.Alexander Bluhm
2015-01-02Rename the tls_connect_socket() parameter 'socket' to 's' to avoidAlexander Bluhm
2014-12-27include netinet/in.h to define struct in6_addr.Brent Cook
2014-12-07Allow specific libtls hostname validation errors to propagate.Brent Cook
2014-12-07revert previous change for now, adjusting based on comments from jsing@Brent Cook
2014-12-07Allow specific libtls hostname validation errors to propagate.Brent Cook
2014-11-02Add a tls_connect_fds() function that allows a secure connection to beJoel Sing
2014-10-31Rename libressl to libtls to avoid confusion and to make it easier toJoel Sing