summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Felix Fietkau [Fri, 15 Jan 2016 23:04:12 +0000 (00:04 +0100)]
polarssl: fix memory leak
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 15 Jan 2016 19:42:25 +0000 (20:42 +0100)]
add mbedtls variant
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 15 Jan 2016 17:29:31 +0000 (18:29 +0100)]
polarssl: remove support for version 1.2
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 15 Jan 2016 17:09:42 +0000 (18:09 +0100)]
polarssl: disable RC4 support (for security reasons)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Alexander Couzens [Thu, 6 Aug 2015 11:01:34 +0000 (13:01 +0200)]
ustream-ssl: make ustream_ssl.server_name const
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Jo-Philipp Wich [Tue, 9 Jun 2015 16:50:08 +0000 (18:50 +0200)]
polarssl: add mising string include
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Luka Perkov [Sat, 11 Apr 2015 21:43:03 +0000 (23:43 +0200)]
polarssl: fix long writes
Enable to write more data then defined in SSL_MAX_CONTENT_LEN.
Signed-off-by: Luka Perkov <luka@openwrt.org>
Felix Fietkau [Mon, 30 Mar 2015 12:55:47 +0000 (14:55 +0200)]
polarssl: fix return code of entropy function
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Yousong Zhou [Tue, 11 Nov 2014 10:34:01 +0000 (18:34 +0800)]
cmake: Do not hardcode /opt/local/include for Apple.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Yousong Zhou [Tue, 11 Nov 2014 10:33:59 +0000 (18:33 +0800)]
examples: add .notify_write callback.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Christoph Ziebuhr [Mon, 1 Dec 2014 13:41:36 +0000 (14:41 +0100)]
Add support for Server Name Indication
Signed-off-by: Christoph Ziebuhr <chris@codefrickler.de>
Christoph Ziebuhr [Mon, 1 Dec 2014 13:41:35 +0000 (14:41 +0100)]
openssl: Fix host_pattern_match
Signed-off-by: Christoph Ziebuhr <chris@codefrickler.de>
Christoph Ziebuhr [Mon, 1 Dec 2014 13:41:34 +0000 (14:41 +0100)]
Fix ustream_ssl_poll
Signed-off-by: Christoph Ziebuhr <chris@codefrickler.de>
Felix Fietkau [Thu, 3 Apr 2014 21:15:04 +0000 (23:15 +0200)]
openssl: set quiet shutdown flag to ensure that shutdown always succeeds
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 3 Apr 2014 21:14:05 +0000 (23:14 +0200)]
openssl: un-inline ustream_ssl_session_free
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 3 Apr 2014 14:57:38 +0000 (16:57 +0200)]
openssl: fix subjectAltNames leak
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 3 Apr 2014 14:53:40 +0000 (16:53 +0200)]
openssl: free peer certificate after validating it
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 25 Mar 2014 15:03:44 +0000 (16:03 +0100)]
add missing include files
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 25 Mar 2014 15:03:27 +0000 (16:03 +0100)]
openssl: disable host CN checks for cyassl (TODO)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 25 Mar 2014 09:14:14 +0000 (10:14 +0100)]
polarssl: check us->notify_verify_error for NULL before calling it
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 25 Mar 2014 08:45:28 +0000 (09:45 +0100)]
ustream-example-client: fix usage information
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 25 Mar 2014 08:02:39 +0000 (09:02 +0100)]
implement certificate validation (including CN verification)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 21 Mar 2014 23:39:02 +0000 (00:39 +0100)]
fix CyaSSL build
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Mon, 17 Mar 2014 22:21:53 +0000 (23:21 +0100)]
Write pending data after connecting
fixes issues with incoming writes before the ssl negotiation is complete
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 15 Mar 2014 15:16:24 +0000 (16:16 +0100)]
add client example code
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 15 Mar 2014 15:01:06 +0000 (16:01 +0100)]
polarssl: enable client side ssl verification if a certificate was loaded
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 15 Mar 2014 13:23:49 +0000 (14:23 +0100)]
give the main context a type instead of making it void *
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 15 Mar 2014 12:59:07 +0000 (13:59 +0100)]
ustream-ssl: always check connection at the beginning of a session
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 15 Mar 2014 12:29:28 +0000 (13:29 +0100)]
ustream-server-example: close connection on error
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 15 Mar 2014 12:26:32 +0000 (13:26 +0100)]
example: rename to ustream-example-server
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 15 Mar 2014 12:19:01 +0000 (13:19 +0100)]
polarssl: fix error check on write
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 14 Mar 2014 13:20:59 +0000 (14:20 +0100)]
polarssl: add support for version 1.3
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Jo-Philipp Wich [Wed, 30 Oct 2013 12:53:45 +0000 (13:53 +0100)]
Add version detection of CyaSSL and make the cyassl backend compatible with both legacy and current CyaSSL versions
Felix Fietkau [Wed, 25 Sep 2013 07:06:36 +0000 (09:06 +0200)]
avoid installing internal header files
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Wed, 24 Jul 2013 16:36:11 +0000 (18:36 +0200)]
polarssl: disable perfect forward secrecy, it slows down each connection handshake by about 130 ms of cpu-bound activity
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 18 Jun 2013 10:47:18 +0000 (12:47 +0200)]
consume all data after a socket write error
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Mon, 4 Feb 2013 21:13:24 +0000 (22:13 +0100)]
add polarssl support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Mon, 4 Feb 2013 16:41:54 +0000 (17:41 +0100)]
split cyassl and openssl sources, add ssl library abstraction
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Mon, 4 Feb 2013 19:25:22 +0000 (20:25 +0100)]
example: ignore SIGPIPE
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Wed, 23 Jan 2013 14:24:08 +0000 (15:24 +0100)]
build: remove install prefix override
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 22 Jan 2013 14:24:28 +0000 (15:24 +0100)]
fix read polling by putting the buffer prepare in a loop
allow user to process more than a single buffer's worth of data in one call
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 22 Jan 2013 12:38:35 +0000 (13:38 +0100)]
add s->poll wrapper
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 13 Jan 2013 08:59:58 +0000 (09:59 +0100)]
use libm with cyassl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 13 Jan 2013 08:52:34 +0000 (09:52 +0100)]
remove commented out include/link directories
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 13 Jan 2013 08:41:55 +0000 (09:41 +0100)]
add copyright info and license
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 4 Jan 2013 22:17:35 +0000 (23:17 +0100)]
fix compile errors on linux
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 4 Jan 2013 17:27:05 +0000 (18:27 +0100)]
return -1/0 instead of ssl specific return codes when setting crt/key files
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 4 Jan 2013 16:37:49 +0000 (17:37 +0100)]
only export one symbol from the lib, containing a struct with all functions. useful for using ustream-ssl as a plugin
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 27 Dec 2012 18:09:41 +0000 (19:09 +0100)]
install headers and library
Felix Fietkau [Tue, 23 Oct 2012 15:59:52 +0000 (17:59 +0200)]
fix logic inversion
Felix Fietkau [Tue, 23 Oct 2012 02:01:09 +0000 (04:01 +0200)]
Initial import