Permalink
Switch branches/tags
Nothing to show
Commits on Jan 26, 2016
  1. tls: add deinit to no-tls compat

    markokr committed Jan 26, 2016
Commits on Jan 25, 2016
  1. tls: cleanup of win64 compat patch

    markokr committed Jan 25, 2016
    Cleanup for #12
  2. Merge pull request #12 from chenz/tls-mingw64-compile-fixes

    markokr committed Jan 25, 2016
    TLS mingw64 compile fixes
  3. Merge pull request #13 from phoefflin/master

    markokr committed Jan 25, 2016
    build problems on solaris 10
  4. tls: tls_deinit() to release all memory on program exit

    markokr committed Jan 25, 2016
    Useful for debugging memleaks.
  5. tls: use SSL_MODE_RELEASE_BUFFERS

    markokr committed Jan 25, 2016
    This should use less memory for idle connections.
  6. tls: clean conninfo before filling new data

    markokr committed Jan 25, 2016
    It can lead to memleak if tls_handshake called after
    it returns 0.  It's probably caller bug, but the
    conninfo filling uses rather fragile coding style,
    so it seems like good precaution.
Commits on Jan 21, 2016
  1. compat: check for imcomplete fnmatch implementation

    phoefflin committed Jan 21, 2016
    switch to compat fnmatch, if the system provided fnmatch doesn't
    support FNM_CASEFOLD (see also test/test_fnmatch.c).
  2. use compat timegm also for unix if needed

    phoefflin committed Jan 21, 2016
    there already was a compat timegm function which
    was only used in windows builds. This is now
    active for all systems lacking an own timegm
    function (like solaris 10).
  3. strnlen: compat fixes

    phoefflin committed Jan 21, 2016
    added compat version of strnlen function for systems
    lacking POSIX.1-2008 support (like solaris 10).
Commits on Jan 20, 2016
Commits on Nov 10, 2015
  1. time: timegm for win32

    markokr committed Nov 10, 2015
  2. time: fix timegm warnings

    markokr committed Nov 10, 2015
Commits on Nov 3, 2015
Commits on Nov 2, 2015
  1. tls: sync no-ssl build

    markokr committed Nov 2, 2015
  2. connect-tls: unused pfd

    markokr committed Nov 2, 2015
  3. tls: getaddrinfo refactor fix

    markokr committed Nov 2, 2015
    Author: deraadt <deraadt>
    Date:   Fri Oct 9 04:13:34 2015 +0000
    
        fix a gotcha in the connect refactoring, that could result in dropping
        through and trying to bind failed v6 connects.
        ok guenther
  4. tls: getaddrinfo() refactor

    markokr committed Nov 2, 2015
    Author: guenther <guenther>
    Date:   Thu Oct 8 20:13:45 2015 +0000
    
        If getaddrinfo() succeeds, then don't try look ups with other flags, even
        if the connect()s failed.  In concert with some resolver fixes in libc,
        this lets ntpd be tame()ed
    
        problem isolated by theo, who had fun untangling the libc and libtls
        behaviors to place blame for not being able to tame ntpd
    
        ok beck@ deraadt@ jsing@
Commits on Oct 8, 2015
  1. tls: compat asn1 time parsing

    markokr committed Oct 8, 2015
  2. tls: notbefore & notafter api

    markokr committed Oct 8, 2015
    Author: beck <beck>
    Date:   Wed Oct 7 23:33:38 2015 +0000
    
        Add tls_peer_cert_notbefore and tls_peer_cert_notafter to expose peer certificate
        validity times for tls connections.
        ok jsing@
  3. tls: always report protocol and suite

    markokr committed Oct 8, 2015
    Author: beck <beck>
    Date:   Wed Oct 7 23:25:45 2015 +0000
    
        Allow us to get cipher and version even if there is not a peer certificate.
        ok doug@
  4. tls; common ipv4/ipv6 union

    markokr committed Oct 8, 2015
    Author: jsing <jsing>
    Date:   Tue Sep 29 13:10:53 2015 +0000
    
        Instead of declaring a union in multiple places, move it to tls_internal.h.
    
        ok deraadt@
  5. tls: clean indentation warts

    markokr committed Oct 8, 2015
    Author: deraadt <deraadt>
    Date:   Tue Sep 29 10:17:04 2015 +0000
    
        clean some ugly intendation warts
  6. tls: conninfo null checks

    markokr committed Oct 8, 2015
    Author: jsing <jsing>
    Date:   Mon Sep 28 15:18:08 2015 +0000
    
        Explicit NULL checks and style(9) tweaks.
  7. string: strpcpy, strpcat

    markokr committed Oct 8, 2015
    alternatives for strlcpy, strlcat
  8. tls: compat fixes

    markokr committed Oct 8, 2015
  9. tls: test write flood

    markokr committed Oct 8, 2015
  10. m4: fix MKDIR_P path too

    markokr committed Oct 8, 2015
Commits on Sep 19, 2015
  1. tls: ocsp cleanup

    markokr committed Sep 18, 2015
    Separate network code from the rest.
    
    Simplify error handling.
Commits on Sep 15, 2015
  1. tls: connection info api

    markokr committed Sep 15, 2015
    Author: beck <beck>
    Date:   Sun Sep 13 10:32:46 2015 +0000
    
        add visibility of ciper and connection version strings
        ok jsing@
  2. tls-test: aggressive close

    markokr committed Sep 15, 2015
  3. tls: tls_config_insecure_noverifytime()

    markokr committed Sep 15, 2015
    Author: jsing <jsing>
    Date:   Mon Sep 14 16:16:38 2015 +0000
    
        Provide tls_config_insecure_noverifytime() in order to be able to disable
        certificate validity checking.
    
        ok beck@
  4. tls: Expose EOF without close-notify via tls_close().

    markokr committed Sep 15, 2015
    This makes tls_read() report unexpected EOF and normal EOF.
    
    Author: jsing <jsing>
    Date:   Mon Sep 14 12:29:16 2015 +0000
    
        Expose EOF without close-notify via tls_close().
    
        Make tls_read(3)/tls_write(3) follow read(2)/write(2) like semantics and
        return 0 on EOF with and without close-notify. However, if we saw an EOF
        from the underlying file descriptors without getting a close-notify, save
        this and make it visible when tls_close(3) is called. This keeps the
        semantics we want, but makes it possible to detect truncation at higher
        layers, if necessary.
    
        ok beck@ guenther@
  5. tls: check context type in tls_handshake and tls_close

    markokr committed Sep 15, 2015
    Author: jsing <jsing>
    Date:   Mon Sep 14 12:20:40 2015 +0000
    
        Return an error if tls_handshake() or tls_close() is called on a context
        for which they are not valid operations.
    
        ok beck@