summaryrefslogtreecommitdiff
path: root/lib/libtls
AgeCommit message (Expand)Author
2017-10-08hyphenate DER/PEM-encoded, for consistency;Jason McIntyre
2017-10-07Document tls_peer_cert_chain_pem().Joel Sing
2017-09-25If tls_config_parse_protocols() is called with a NULL pointer, return theJoel Sing
2017-09-20Keep track of which keypair is in use by a TLS context.Joel Sing
2017-09-20Slightly restructure tls_ocsp_verify_cb() to make it more like libtls code.Joel Sing
2017-09-20Provide a useful error if there are no OCSP URLs in the peer certificate.Joel Sing
2017-09-20Fix indentation.Joel Sing
2017-08-30Bump libssl/libtls minors due to symbol (re)addition.Joel Sing
2017-08-28Bump lib{crypto,ssl,tls} majors due to symbol removals.Joel Sing
2017-08-28Fix unchecked return nitBob Beck
2017-08-27Make the symbol for ASN1_time_tm_clamp_notafter visible so libtlsBob Beck
2017-08-13Switch to -Werror with clang for libressl.Doug Hogan
2017-08-12Document tls_config_set_dheparams().Joel Sing
2017-08-12Document tls_reset().Joel Sing
2017-08-11new sentence, new line;Jason McIntyre
2017-08-11Bump minor due to symbol addition.Joel Sing
2017-08-10Add a tls_config_set_ecdhecurves() function to libtls, which allows theJoel Sing
2017-08-09Don't use tls_cert_hash for the hashing used by the engine offloading magicClaudio Jeker
2017-08-01correct function name;Jason McIntyre
2017-07-06Document tls_config_set_crl_file() and tls_config_set_crl_mem().Joel Sing
2017-07-06Bump minor due to symbol addition.Joel Sing
2017-07-06Add support for providing CRLs to libtls - once a CRL is provided weJoel Sing
2017-07-05RFC 6066 states that IP literals are not permitted in "HostName" for aJoel Sing
2017-06-22Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so thatJoel Sing
2017-06-22Fix incorrect indentation.Joel Sing
2017-06-22Plug a memory leak in tls_keypair_cert_hash(), introduced in r1.60.Joel Sing
2017-06-22Remove dead code that has remained hiding since ressl.c r1.14!Joel Sing
2017-06-22Use the standard `rv' idiom in tls_keypair_load_cert(), rather thanJoel Sing
2017-05-16Plug a memory leak. The main_cert needs to be X509_free()ed sinceClaudio Jeker
2017-05-07Ensure that a client context has been connected before attempting toJoel Sing
2017-05-07Return an error if tls_handshake() is called on a TLS context that hasJoel Sing
2017-05-06Use freezero() for the tls_load_file() failure case, since we'reJoel Sing
2017-05-06BIO_free_all() and EVP_PKEY_free() can be called with NULL.Joel Sing
2017-05-06Be explicit about when it is safe to call tls_config_free().Joel Sing
2017-05-06Document tls_unload_file().Joel Sing
2017-05-06Perform reference counting for tls_config. This allows tls_config_free() toJoel Sing
2017-05-06Provide a tls_unload_file() function, that frees the memory returned fromJoel Sing
2017-05-06Bump minors for symbol addition in libcryptoBob Beck
2017-05-04Move tls_config_skip_private_key_check() out from under HIDDEN_DECLS.Claudio Jeker
2017-05-02use freezero() instead of memset/explicit_bzero + free. SubstantiallyTheo de Raadt
2017-04-30Only enable -Werror on libcrypto/libssl/libtls if we are building withJoel Sing
2017-04-30Add a tls_keypair_clear_key() function that uses freezero() to make keyJoel Sing
2017-04-27tls_free(3) and tls_config_free(3) accept NULL;Ingo Schwarze
2017-04-10Rework name verification code so that a match is indicated via an argument,Joel Sing
2017-04-07Use uint8_t instead of u_int8_t - for consistency and to make things easierJoel Sing
2017-04-05Add tls_peer_cert_chain_pem - To retreive the peer certificate and chainBob Beck
2017-04-05Internal changes to allow for relayd engine privsep. sends the hash of theBob Beck
2017-03-02fix error in Dt; from robert kleinJason McIntyre
2017-02-28Bump minors due to symbol addition.Joel Sing
2017-02-20spelling fix;Jason McIntyre