Age | Commit message (Expand) | Author |
2014-04-29 | Implement RSA privilege separation for OpenSMTPD, based on my previous | Reyk Floeter |
2014-04-29 | It is only required to load the keys and certs into the same SSL | Reyk Floeter |
2014-04-19 | (void) cast a snprintf() call that can't possibly truncate unless we | Gilles Chehade |
2014-02-17 | fix possible NULL-deref in error code path | Eric Faurot |
2014-02-04 | pki code cleanup | Eric Faurot |
2013-12-26 | bcopy -> memmove | Eric Faurot |
2013-11-28 | fix loading of passphrase-protected keys. | Eric Faurot |
2013-11-06 | Much much improved config parser and related changes. | Eric Faurot |
2013-10-26 | %i -> %d in format strings | Eric Faurot |
2013-07-19 | tls perfect forward secrecy with ecdhe | Eric Faurot |
2013-05-24 | sync with OpenSMTPD 5.3.2 | Eric Faurot |
2013-01-26 | Sync with our smtpd repo: | Gilles Chehade |
2012-11-23 | knf | Eric Faurot |
2012-11-12 | Cleanups and improvements: | Eric Faurot |
2012-10-14 | enforce different permissions on different files in ssl_load_file() | Alexander Hall |
2012-10-09 | Reject ssl key/certs/CA/DH files if their ownership/permissions are not | Eric Faurot |
2012-09-14 | Remove s_ssl from the smtp session since it is duplicated in the io struct. | Eric Faurot |
2012-08-19 | coding style: replace all occurences of u_int* with uint* | Charles Longeau |
2012-01-29 | Rewrite io code in smtp and mta using the iobuf/ioev interface to have | Eric Faurot |
2012-01-11 | enable back CA support, just don't verify client ... | Gilles Chehade |
2011-12-21 | disable temporarily CA support, it prevents some remote hosts from | Charles Longeau |
2011-12-14 | add missing prototype | Eric Faurot |
2011-12-13 | *finally* make use of certificate authority file if available ! | Gilles Chehade |
2011-10-27 | Don't offer or negotiate SSLv2 and, since we don't do SSL session | Philip Guenthe |
2011-10-23 | add a missing DH_free() after ssl_set_ephemeral_key_exchange(). | Charles Longeau |
2011-10-13 | Drop a reference to the client SSL_CTX after SSL_new(), so that it is | Eric Faurot |
2011-09-01 | Introduce a small set of functions to manage stat counters in a | Eric Faurot |
2011-05-21 | make the "no DH parameters" warning a log_info() | Gilles Chehade |
2011-05-17 | somehow a previous sync with relayd missed one line... | Gilles Chehade |
2011-05-14 | more clang warnings fixed | Gilles Chehade |
2011-05-01 | the smtpd env is meant to be global, so do not pass it all around. | Eric Faurot |
2011-03-15 | let smtpd use user-provided Diffie-Hellman parameters for ephemeral key | Gilles Chehade |
2010-11-28 | a bit of .h cleanups, no functionnal change | Gilles Chehade |
2010-11-24 | add *maxactive stats | Todd T. Fries |
2010-10-09 | backout the "new" queue code commited 4 months ago. it has many good ideas, | Gilles Chehade |
2010-06-01 | new queue, again; gcc2 compile tested by deraadt | Jacek Masiulaniec |
2010-06-01 | New queue doesn't compile on gcc2, back out. Spotted by deraadt@ | Jacek Masiulaniec |
2010-05-31 | Rewrite entire queue code. | Jacek Masiulaniec |
2010-05-26 | Rename some imsg bits to make namespace collisions less likely buf to | Nicholas Marriott |
2010-05-19 | cleanup-only commit, removes unrequired includes, no functionnal change | Gilles Chehade |
2009-11-11 | Check if the receive buffer has any unused space before reading from socket in | Jacek Masiulaniec |
2009-10-03 | dont dereference garbage pointer, from martynas@ | Jacek Masiulaniec |
2009-09-22 | fix handling of certificates to unbreak DSA; allows starttls(8) instructions ... | Janne Johansson |
2009-09-15 | Extend SMTP client_* API to support SSL+AUTH, and use it in the mta | Jacek Masiulaniec |
2009-06-02 | make env->sc_listeners and env->sc_ssl pointers, one step further toward | Gilles Chehade |
2009-06-01 | fix function name in log_debug | Jacek Masiulaniec |
2009-05-30 | It is now possible to specify a certificate to use when relaying to another | Gilles Chehade |
2009-05-24 | Instead of keeping stats private to each process, and querying every | Jacek Masiulaniec |
2009-05-19 | remove useless check on NULL ssl cert and key, the check cannot be reached | Gilles Chehade |
2009-05-18 | Complete rework of bufferevent event masking allowing for more | Jacek Masiulaniec |