Age | Commit message | Author | |
---|---|---|---|
2019-11-16 | Allow portable to override the default CA bundle location | Bob Beck | |
ok kinichiro@ jsing@ | |||
2019-11-02 | Bump libcrypto, libssl and libtls minors due to symbol additions. | Joel Sing | |
2019-11-02 | Document tls_conn_cipher_strength(). | Joel Sing | |
ok schwarze@ | |||
2019-11-02 | Provide tls_conn_cipher_strength(). | Joel Sing | |
This returns the strength in bits of the symmetric cipher used for the connection. Diff from gilles@ ok tb@ | |||
2019-10-24 | Bump libcrypto, libssl and libtls majors due to changes in struct sizes | Joel Sing | |
and symbol addition. | |||
2019-07-09 | Group tls_{handshake,read,write,close}() return values documentation. | Joel Sing | |
Move the documentation for tls_error() down so that both the special return values for tls_{handshake,read,write,close}() directly follow the standard return values for the same functions. Prompted by deraadt@. ok deraadt@ schwarze@ | |||
2019-06-20 | tls_read() & tls_write() return 4 possible values: TLS_WANT_POLLOUT, | Theo de Raadt | |
TLS_WANT_POLLIN, -1, or 0. After handling the first two, check for -1 rather than vaguely "< 0". ok jsing | |||
2019-06-05 | provide getters and setters for the RSA_METHOD interface | Gilles Chehade | |
ok tb@, jsing@, sthen@ | |||
2019-05-13 | Acquire mutex before incrementing the refcount. Fixes COV-186144 | Brent Cook | |
ok tb@ | |||
2019-04-13 | Null out pointers on asprintf() failure. | Theo Buehler | |
These pointers will be passed to free. According to asprintf(3), "on OpenBSD, ret will be set to the null pointer, but this behavior should not be relied upon." ok jsing | |||
2019-04-04 | Only assign destlen when src is non-NULL. | Joel Sing | |
This avoids ever having a non-zero len with a NULL pointer. | |||
2019-04-04 | Switch to pthread_mutex_init(). | Joel Sing | |
While PTHREAD_MUTEX_INITIALIZER can be used on OpenBSD, some other platforms do not like it. Noted by bcook@ | |||
2019-04-04 | Bump libssl/libtls minors due to symbol addition. | Joel Sing | |
2019-04-01 | Add a mutex to guard reference counting for tls_config. | Joel Sing | |
This makes libtls more friendly for multithreaded use - otherwise we can end up with incorrect refcounts and end up freeing when we should not be (or not freeing when we should be). ok beck@ | |||
2019-03-27 | remove duplicate set key file call. from alf. | Ted Unangst | |
ok jsing | |||
2019-03-20 | fix examples (libtls uses its own error reporting mechanism) | Marc Espie | |
okay tb@ | |||
2019-03-17 | bump minors after symbol addition | Theo Buehler | |
2019-01-22 | bump minors after symbol addition | Theo Buehler | |
2019-01-19 | bump minors after symbol addition | Theo Buehler | |
2018-12-14 | Delete a note taken during the rev. 1.1 man page split | Ingo Schwarze | |
that should have been deleted before commit. The cross reference is already present below SEE ALSO. Glitch noticed by jsing@. | |||
2018-11-29 | missed adding tls_default_ca_cert_file here. found by sthen | Ted Unangst | |
2018-11-29 | expose the default cert file as a function, not a define. it's really | Ted Unangst | |
an internal detail of the library, so the string should live inside it, not in the application code. ok jsing | |||
2018-11-11 | bump minors after symbol addition. | Theo Buehler | |
2018-11-06 | Define TLS_CA_CERT_FILE rather than having every application create their | Joel Sing | |
own define for /etc/ssl/cert.pem. ok beck@ bluhm@ tb@ | |||
2018-10-24 | Bump libcrypto/libssl/libtls majors due to symbol removals (libcrypto) | Joel Sing | |
and changes to struct visibility/sizes (libssl). | |||
2018-09-12 | crank to follow minor crank in libcrypto; ok tb@ jsing@ | Damien Miller | |
2018-08-24 | crank majors after symbol addition/modification/removal | Theo Buehler | |
2018-08-21 | typo in argument type, from Mario dot Andres dot Campos at gmail dot com | Ingo Schwarze | |
2018-07-24 | Use the same order in NAME, SYNOPSIS, DESCRIPTION, and RETURN VALUES to | Theo Buehler | |
improve readability and ease of maintenance. Positive feedback jmc Detailed suggestion & ok schwarze | |||
2018-07-23 | Document tls_peer_ocsp_result() and use it in place of the non-existent | Theo Buehler | |
tls_peer_ocsp_result_msg() in the documentation. input & ok jsing Reads fine to jmc and makes sense to schwarze | |||
2018-07-09 | Move a detail on tls_connect(3) to its documentation and be a bit more | Theo Buehler | |
explicit about the servername argument of tls_connect_servername(3). input & ok jsing, input & ok schwarze on earlier version | |||
2018-07-09 | wording tweak for tls_init() from jsing | Theo Buehler | |
ok jsing, schwarze | |||
2018-07-08 | Simplify and shorten the description of tls_init(3), | Ingo Schwarze | |
fixing an awkward wording noticed by tb@. OK tb@ | |||
2018-05-26 | minor markup improvement: .Fa *cctx -> .Pf * Fa cctx | Ingo Schwarze | |
2018-05-26 | Quote .Fa arguments containing blanks. | Ingo Schwarze | |
Diff from Jack Burton <jack at saosce dot com dot au>. | |||
2018-04-07 | Correct tls_config_clear_keys() behaviour. | Joel Sing | |
Previously this incorrectly called tls_keypair_clear(), which results in the private key being cleared, along with the certificate, OCSP staple and pubkey hash. This breaks OCSP stapling if tls_config_clear_keys() is called following tls_configure(), as is done by httpd. Fix this by calling tls_keypair_clear_key() so that only the private key is cleared, leaving the other public data untouched. While here, remove tls_keypair_clear() and fold the necessary parts into tls_keypair_free(). ok beck@ | |||
2018-04-07 | Switch to OPENSSL_init_ssl() and prevent an openssl configuration file from | Joel Sing | |
being loaded behind our back, at a later point. ok beck@ | |||
2018-03-20 | Avoid potentially calling strchr() on a NULL pointer in | Joel Sing | |
tls_config_set_ecdhecurve(). Spotted by Coverity. | |||
2018-03-20 | bump minors after symbol addition | Theo Buehler | |
2018-03-19 | Automatically handle library initialisation for libtls. | Joel Sing | |
Now that we have tls_init() under pthread_once(), automatically initialise libtls from the entry point functions (tls_config(), tls_client() and tls_server()) - this makes an explicit tls_init() call no longer a requirement. ok bcook@ beck@ inoguchi@ | |||
2018-03-17 | crank majors | Theo Buehler | |
req by deraadt | |||
2018-03-17 | Bump minors after symbol addition | Theo Buehler | |
2018-03-15 | Also bump libtls minor after the addition of SSL_CTX_get_min/max_proto_version | Jeremie Courreges-Anglas | |
cluebat tb@ | |||
2018-03-08 | un-revert tls_init pthread_once change, now that stub is added so that builds work | Bob Beck | |
2018-03-07 | backout. diff was not tested comprehensively, resulting in a broken tree. | Theo de Raadt | |
2018-03-07 | Make tls_init() concurrently callable using pthread_once(). | Bob Beck | |
ok jsing@ This brings pthread_once usage into libressl, which will need to get dealt with correctly in portable. This sets us up to autoinit libtls, and we will also be using pthread_once to deal with autoinit stuff in libssl and libcrypto | |||
2018-02-22 | Bump lib{crypto,ssl,tls} minors due to symbol additions. | Joel Sing | |
2018-02-20 | Crank lib{crypto,ssl,tls} minors after symbol addition. | Theo Buehler | |
2018-02-18 | Bump minor due to symbol addition. | Theo Buehler | |
2018-02-18 | Bump libcrypto/libssl/libtls minors due to symbol additions. | Theo Buehler | |