index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
lib
/
libtls
/
tls_config.c
Age
Commit message (
Expand
)
Author
2018-11-29
expose the default cert file as a function, not a define. it's really
Ted Unangst
2018-04-07
Correct tls_config_clear_keys() behaviour.
Joel Sing
2018-03-20
Avoid potentially calling strchr() on a NULL pointer in
Joel Sing
2018-03-19
Automatically handle library initialisation for libtls.
Joel Sing
2018-02-10
Move the keypair pubkey hash handling code to during config.
Joel Sing
2018-02-10
Add support to libtls for client-side TLS session resumption.
Joel Sing
2018-02-08
Split keypair handling out into its own file - it had already appeared
Joel Sing
2018-02-05
Be consistent with the goto label names used in libtls code.
Joel Sing
2017-12-09
Make tls_config_parse_protocols() work correctly when passed a NULL pointer
Joel Sing
2017-09-25
If tls_config_parse_protocols() is called with a NULL pointer, return the
Joel Sing
2017-08-10
Add a tls_config_set_ecdhecurves() function to libtls, which allows the
Joel Sing
2017-08-09
Don't use tls_cert_hash for the hashing used by the engine offloading magic
Claudio Jeker
2017-07-06
Add support for providing CRLs to libtls - once a CRL is provided we
Joel Sing
2017-05-06
Perform reference counting for tls_config. This allows tls_config_free() to
Joel Sing
2017-05-02
use freezero() instead of memset/explicit_bzero + free. Substantially
Theo de Raadt
2017-04-30
Add a tls_keypair_clear_key() function that uses freezero() to make key
Joel Sing
2017-04-05
Internal changes to allow for relayd engine privsep. sends the hash of the
Bob Beck
2017-01-31
Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may be
Bob Beck
2017-01-29
Move the ocsp staple to being part of the keypair structure internally,
Bob Beck
2017-01-24
Introduce ticket support. To enable them it is enough to set a positive
Claudio Jeker
2016-11-11
Change the return value of tls_config_set_protocols() and
Joel Sing
2016-11-05
Add support for server side OCSP stapling to libtls.
Bob Beck
2016-11-04
Make the tls_keypair_new() function a valid prototype.
Joel Sing
2016-11-04
Avoid another signed vs unsigned comparison.
Joel Sing
2016-11-04
Add ocsp_require_stapling config option for tls - allows a connection
Bob Beck
2016-08-22
Provide an API that enables server side SNI support - add the ability to
Joel Sing
2016-08-13
Avoid leaking memory if tls_config_set_alpn() is called multiple times
Joel Sing
2016-08-13
Load CA, certificate and key files into memory when the appropriate
Joel Sing
2016-08-12
Add ALPN support to libtls.
Joel Sing
2016-08-02
Revert previous since it adds new symbols.
Joel Sing
2016-08-01
Add ALPN support to libtls.
Joel Sing
2016-07-13
Split the existing TLS cipher suite groups into four:
Joel Sing
2016-07-07
Revert previous - it introduces problems with a common privsep use case.
Joel Sing
2016-07-06
Check that the given ciphers string is syntactically valid and results in
Joel Sing
2016-07-06
Always load CA, key and certificate files at the time the configuration
Joel Sing
2016-05-27
Rename some of the internal error setting functions to more closely follow
Joel Sing
2016-05-27
Avoid leaking ca_mem when freeing a tls_config.
Joel Sing
2016-04-28
Factor our the keypair handling in libtls. This results in more readable
Joel Sing
2016-04-28
Rework the error handling in libtls so that we can associate errors with
Joel Sing
2015-09-29
clean some ugly intendation warts
Theo de Raadt
2015-09-14
Provide tls_config_insecure_noverifytime() in order to be able to disable
Joel Sing
2015-09-10
Add support for preferring the server's cipher list or the client's cipher
Joel Sing
2015-09-09
Indent labels with a space so that diff -p is more friendly.
Joel Sing
2015-09-09
Add client certificate support. Still needs a few tweaks but this will
Bob Beck
2015-02-22
Rename tls_config_insecure_noverifyhost() to
Joel Sing
2015-02-22
Check return values when setting dheparams and ecdhecurve for the default
Joel Sing
2015-02-22
In the interests of being secure by default, make the default TLS ciphers
Joel Sing
2015-02-12
Add a tls_config_parse_protocols() function that allows a protocols string
Joel Sing
2015-02-12
Fix handling of "legacy" mode for tls_config_set_dheparams().
Joel Sing
2015-02-11
Be consistent with naming - only use "host" and "hostname" when referring
Joel Sing
[next]