summaryrefslogtreecommitdiff
path: root/lib/libtls/tls_server.c
AgeCommit message (Expand)Author
2017-09-20Keep track of which keypair is in use by a TLS context.Joel Sing
2017-08-10Add a tls_config_set_ecdhecurves() function to libtls, which allows theJoel Sing
2017-07-05RFC 6066 states that IP literals are not permitted in "HostName" for aJoel Sing
2017-06-22Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so thatJoel Sing
2017-06-22Use the standard `rv' idiom in tls_keypair_load_cert(), rather thanJoel Sing
2017-05-06Perform reference counting for tls_config. This allows tls_config_free() toJoel Sing
2017-04-10Rework name verification code so that a match is indicated via an argument,Joel Sing
2017-01-31Disable client-initiated renegotiation for libtls servers.Joel Sing
2017-01-26Use a flag to track when we need to call SSL_shutdown(). This avoids anJoel Sing
2017-01-24Introduce ticket support. To enable them it is enough to set a positiveClaudio Jeker
2017-01-12If tls_set_cbs() fails an error will already be specified, so do notJoel Sing
2016-11-06Set the callback on the correct ssl_ctx for the SNI case, instead ofBob Beck
2016-11-05Add support for server side OCSP stapling to libtls.Bob Beck
2016-11-04Avoid shadowing the socket global.Joel Sing
2016-09-14Set callbacks on the right tls ctx on accept.Brent Cook
2016-09-04Maintain consistency with function naming.Joel Sing
2016-09-04Add callback-based interface to libtls.Brent Cook
2016-08-22Create contexts for server side SNI - these include the additional SSL_CTXJoel Sing
2016-08-18Split out the TLS server SSL_CTX allocation and configuration code, soJoel Sing
2016-08-15Explicitly pass in an SSL_CTX * to the functions that operate on one,Joel Sing
2016-08-12Add ALPN support to libtls.Joel Sing
2016-08-02Revert previous since it adds new symbols.Joel Sing
2016-08-01Add ALPN support to libtls.Joel Sing
2016-04-28Factor our the keypair handling in libtls. This results in more readableJoel Sing
2015-09-29clean some ugly intendation wartsTheo de Raadt
2015-09-12Ensure that we clear the libssl error stack before we make a function callJoel Sing
2015-09-11actually set return value to 0 on success.Bob Beck
2015-09-10Split tls_handshake() out from tls_accept/tls_connect. By doing this theJoel Sing
2015-09-10Add support for preferring the server's cipher list or the client's cipherJoel Sing
2015-09-09Indent labels with a space so that diff -p is more friendly.Joel Sing
2015-09-09Add client certificate support. Still needs a few tweaks but this willBob Beck
2015-09-09Only take ownership of a socket if we allocated it within libtls. If we areJoel Sing
2015-08-27Improve libtls error messages.Joel Sing
2015-08-22Unify error message between client and server.Joel Sing
2015-08-22SSL_set_app_data is a macro for SSL_set_ex_data(), which is a wrapperJoel Sing
2015-03-31Provide a tls_accept_fds() function, which allows a TLS connection to beJoel Sing
2015-03-31Store errors that occur during a tls_accept_socket() call on the contextJoel Sing
2015-02-07Convert tls_connect_fds() and tls_accept_socket() to the new OpenSSL errorJoel Sing
2015-02-07Add tls_config_set_dheparams() to allow specification of the parameters toJoel Sing
2015-01-30Make the TLS connect and accept error messages consistent.Alexander Bluhm
2015-01-16The SSL/TLS session Id context is limited to 32 bytes. Instead ofReyk Floeter
2014-10-31Rename libressl to libtls to avoid confusion and to make it easier toJoel Sing