summaryrefslogtreecommitdiff
path: root/lib/libtls/tls_config.c
AgeCommit message (Expand)Author
2022-01-25Introduce a signer interface intented to make TLS privsep simplerEric Faurot
2021-10-21Print uid with %u instead of %i.Theo Buehler
2021-01-21when using fake keys, skip the private key checkEric Faurot
2021-01-21Allow setting a keypair on a tls context without specifying the privateEric Faurot
2020-12-22Destroy the mutex in tls_config objects when tls_config_free is called.Brent Cook
2020-12-22Revert call to pthread_mutex_destroy until installers have a stub.Brent Cook
2020-12-21Destroy the mutex in a tls_config object when tls_config_free is called.Brent Cook
2020-01-20Add support for TLSv1.3 as a protocol to libtls.Joel Sing
2019-11-16Allow portable to override the default CA bundle locationBob Beck
2019-04-04Switch to pthread_mutex_init().Joel Sing
2019-04-01Add a mutex to guard reference counting for tls_config.Joel Sing
2019-03-27remove duplicate set key file call. from alf.Ted Unangst
2018-11-29expose the default cert file as a function, not a define. it's reallyTed Unangst
2018-04-07Correct tls_config_clear_keys() behaviour.Joel Sing
2018-03-20Avoid potentially calling strchr() on a NULL pointer inJoel Sing
2018-03-19Automatically handle library initialisation for libtls.Joel Sing
2018-02-10Move the keypair pubkey hash handling code to during config.Joel Sing
2018-02-10Add support to libtls for client-side TLS session resumption.Joel Sing
2018-02-08Split keypair handling out into its own file - it had already appearedJoel Sing
2018-02-05Be consistent with the goto label names used in libtls code.Joel Sing
2017-12-09Make tls_config_parse_protocols() work correctly when passed a NULL pointerJoel Sing
2017-09-25If tls_config_parse_protocols() is called with a NULL pointer, return theJoel Sing
2017-08-10Add a tls_config_set_ecdhecurves() function to libtls, which allows theJoel Sing
2017-08-09Don't use tls_cert_hash for the hashing used by the engine offloading magicClaudio Jeker
2017-07-06Add support for providing CRLs to libtls - once a CRL is provided weJoel Sing
2017-05-06Perform reference counting for tls_config. This allows tls_config_free() toJoel Sing
2017-05-02use freezero() instead of memset/explicit_bzero + free. SubstantiallyTheo de Raadt
2017-04-30Add a tls_keypair_clear_key() function that uses freezero() to make keyJoel Sing
2017-04-05Internal changes to allow for relayd engine privsep. sends the hash of theBob Beck
2017-01-31Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may beBob Beck
2017-01-29Move the ocsp staple to being part of the keypair structure internally,Bob Beck
2017-01-24Introduce ticket support. To enable them it is enough to set a positiveClaudio Jeker
2016-11-11Change the return value of tls_config_set_protocols() andJoel Sing
2016-11-05Add support for server side OCSP stapling to libtls.Bob Beck
2016-11-04Make the tls_keypair_new() function a valid prototype.Joel Sing
2016-11-04Avoid another signed vs unsigned comparison.Joel Sing
2016-11-04Add ocsp_require_stapling config option for tls - allows a connectionBob Beck
2016-08-22Provide an API that enables server side SNI support - add the ability toJoel Sing
2016-08-13Avoid leaking memory if tls_config_set_alpn() is called multiple timesJoel Sing
2016-08-13Load CA, certificate and key files into memory when the appropriateJoel Sing
2016-08-12Add ALPN support to libtls.Joel Sing
2016-08-02Revert previous since it adds new symbols.Joel Sing
2016-08-01Add ALPN support to libtls.Joel Sing
2016-07-13Split the existing TLS cipher suite groups into four:Joel Sing
2016-07-07Revert previous - it introduces problems with a common privsep use case.Joel Sing
2016-07-06Check that the given ciphers string is syntactically valid and results inJoel Sing
2016-07-06Always load CA, key and certificate files at the time the configurationJoel Sing
2016-05-27Rename some of the internal error setting functions to more closely followJoel Sing
2016-05-27Avoid leaking ca_mem when freeing a tls_config.Joel Sing
2016-04-28Factor our the keypair handling in libtls. This results in more readableJoel Sing