- tls_gnutls.c, tls_openssl.c, tls_wolfssl.c: fixed ret vs. retlen vs. length inconsistency
- tls_openssl.c: clear OpenSSL's error queue before SSL_get_error() invocation
- Renamings:
tls_new_cred -> tls_new_credentials
tls_free_cred -> tls_free_credentials
tls_verify_cert -> tls_verify_certificate
- Stylistic changes
- tls_gnutls.c, tls_openssl.c: tls_get_cipher, tls_get_version: reduce buffer sizes
- tls_openssl.c:tls_new_cred(): (re)set default ciphers if there aren't any defined in the configuration
- tls_openssl.c:tls_new_cred(): stylistic changes
- tls_openssl.c:tls_new_cred(): despite being mentioned in the manual, feeding SSL_CTX_set_ciphersuites with an empty list doesn't work
- tls_openssl.c:tls_get_cipher(): drop the explicit bits used information as this is redundant
- In the serverinfo {} block, the following configuration directives have been renamed:
ssl_certificate_file -> tls_certificate_file
ssl_dh_param_file -> tls_dh_param_file
ssl_dh_elliptic_curve -> tls_supported_groups
ssl_cipher_list -> tls_cipher_list
ssl_message_digest_algorithm -> tls_message_digest_algorithm
- In the operator {} block, the following configuration directives have been renamed:
ssl_certificate_fingerprint -> tls_certificate_fingerprint
ssl_connection_required -> tls_connection_required
- In the connect {} block, the following configuration directives have been renamed:
ssl_cipher_list -> tls_cipher_list
ssl_certificate_fingerprint -> tls_certificate_fingerprint
- tls_openssl.c:tls_new_cred(): default to X25519:P-256 groups
- Supported TLSv1.3 cipher suites can now be configured explicitely via the new 'serverinfo::tls_cipher_suites' configuration directive
- tls_gnutls.c, tls_openssl.c: stylistic changes
- tls_openssl.c:tls_new_cred(): log a warning in case SSL_CTX_set_cipher_list failed
- tls_openssl.c: further modernization: replace SSL_CTX_set_tmp_ecdh with SSL_CTX_set1_groups_list
- Minimum supported version of OpenSSL is 1.1.1 now; modernize tls_openssl.c, drop/replace usage of obsolete functions
- tls_openssl.c:tls_new_cred(): fixed compile warning
- OpenSSL now runs with automatic curve selection if no curve is defined in serverinfo::ssl_dh_elliptic_curve
- Bump copyright years everywhere
- tls_gnutls.c, tls_openssl.c: stylistic changes
- Made read/write functions use ssize_t
- tls_gnutls.c, tls_openssl.c: disable TLSv1.1
- tls_gnutls.c, tls_openssl.c: disable TLSv1.0
- Update copyright years
- Make use of bool even more
- Make use of the bool data type in some more places
- Update copyright years
- Update copyright years
- Show GnuTLS/OpenSSL library/header versions in /INFO as suggested by Adam
- Fixed svn properties
- Remove artificial cap of minimum required size of the dh parameter file
- tls_openssl.c: removed logging to stderr which is closed at this point anyway
- Let's do this better
- Don't exit out with GnuTLS when there's no key and/or certificate
- tls_openssl.c: removed extraneous curly braces not needed with c99
- tls_openssl.c: removed test on OPENSSL_VERSION_NUMBER which is no longer needed
- tls_openssl.c:tls_new_cred(): set ciphers from serverinfo::ssl_cipher_list which somehow got lost in the rewrite
- tls*: more copyright fixups
- Move report_crypto_errors from rsa.c to tls_openssl.c - Move binary_to_hex from rsa.c to misc.c - Removed rsa.c & rsa.h
- More copyright -- from Adam
- Remove useless raw_result -- from Adam
- tls_openssl.c: style corrections
- propset
- Incorporate gnutls support by Adam & Attila
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, enter a numeric revision.