Commit Graph

26 Commits

Author SHA1 Message Date
Ben Jencks
6f120920d3 ITS#7506 tls_o.c: Fix Diffie-Hellman parameter usage.
If a DHParamFile or olcDHParamFile is specified, then it will be used,
otherwise a hardcoded 1024 bit parameter will be used. This allows the use of
larger parameters; previously only 512 or 1024 bit parameters would ever be
used.
2013-09-07 06:33:39 -07:00
Howard Chu
ca310ebff4 Add channel binding support
Currently only implemented for OpenSSL.
Needs an option to set the criticality flag.
2013-08-26 23:31:48 -07:00
Philip Guenther
c6cf495247 ITS#7645 more OpenSSL TLS versions 2013-07-29 07:01:15 -07:00
Kurt Zeilenga
0fd1bf30b8 Happy New Year 2013-01-02 10:22:57 -08:00
Howard Chu
bb921063e0 ITS#7194 fix IPv6 URL detection 2012-03-08 19:35:44 -08:00
Hallvard Furuseth
1a931a86ee Silence 'assign away const' warning 2012-01-24 01:45:51 +01:00
Kurt Zeilenga
2bbf9804b9 Happy New Year! 2012-01-01 07:10:53 -08:00
Kurt Zeilenga
966cef8c9a Happy New Year 2011-01-05 00:42:37 +00:00
Hallvard Furuseth
16b7df8397 ITS#6625 Remove some LDAP_R_COMPILEs 2010-12-06 11:31:58 +00:00
Kurt Zeilenga
3dadeb3efe happy belated New Year 2010-04-13 22:17:29 +00:00
Howard Chu
86c361cdb8 In tmp_rsa_cb, new API is in 0.9.8 inclusive, not exclusive 2010-04-12 03:21:05 +00:00
Hallvard Furuseth
7b22b22202 ITS#6355: Fix uninitialiezed lso_tmp_rsa_cb() return value 2009-10-30 17:08:57 +00:00
Ralf Haferkamp
8fcdc29405 In case of certificate verification failures include failure reason
into the error message (openssl only)
2009-09-30 16:25:23 +00:00
Howard Chu
e0431681ad On OpenSSL 0.9.8 and newer, use RSA_generate_key_ex since
RSA_generate_key is deprecated
2009-09-25 23:31:24 +00:00
Pierangelo Masarati
9abaf38d1f silence warnings 2009-08-19 12:23:27 +00:00
Hallvard Furuseth
791035d93f Fix last commit: cast strcasecmp unsigned char* to char* 2009-08-07 21:46:25 +00:00
Howard Chu
e229b7c398 In session_chkhost get the last CN, not the first. 2009-08-07 11:59:42 +00:00
Howard Chu
d4f2a06887 Check for CN length match as well in chkhost 2009-07-30 21:52:09 +00:00
Howard Chu
de91bde800 ITS#6192 add all digests. Also stop using SSLeay-compatible function
names, we're only concerned with OpenSSL these days.
2009-07-01 23:46:36 +00:00
Howard Chu
a1861fd162 ITS#5849 patch was wrong, don't X509_free session cert 2009-03-02 17:43:38 +00:00
Howard Chu
b886c2ad8a ITS#5937 fix ancient IPv6 typo 2009-02-10 13:27:22 +00:00
Howard Chu
f9fd0f0cc4 ITS#5655 for new structure 2009-01-26 02:16:46 +00:00
Howard Chu
4dff3e6807 Switch to using modular TLS code, single-implementation version 2009-01-26 02:06:45 +00:00
Kurt Zeilenga
4af9eb9715 Update copyright notices 2009-01-22 00:40:04 +00:00
Howard Chu
187efdad6c ITS#5849 free peer cert after retrieving DN 2008-12-05 09:00:24 +00:00
Howard Chu
a225b02f17 Modular TLS support, proof of concept. tls2.c would replace tls.c,
but I'm leaving tls.c intact for now.
2008-08-13 16:18:51 +00:00