| #
3b4a007b |
| 01-Jan-2022 |
jsg <jsg@openbsd.org> |
contibutions -> contributions
|
| #
75ceac9c |
| 22-Jun-2021 |
jmc <jmc@openbsd.org> |
zap wonky commas;
|
| #
d0fc3bb6 |
| 22-Jun-2021 |
kn <kn@openbsd.org> |
Clarify tls_config_set_*_file() file I/O semantics
tls_config_set_*_file(3) do not just set the file paths like
tls_config_set_*_path(3) do, they do load the given file(s) into memory
directly using
Clarify tls_config_set_*_file() file I/O semantics
tls_config_set_*_file(3) do not just set the file paths like
tls_config_set_*_path(3) do, they do load the given file(s) into memory
directly using tls_config_load_file().
This distinction is important because it means a later tls_connect(3)
will not do any file I/O (at least wrt. those files), which is relevant when
for example pleding without "[rwc]path" after loading files into memory and
before doing tls_connect(3).
The manual's current wording made me use the following due to above way of
pledging a program:
tls_load_file()
tls_config_set_ca_mem()
tls_unload_file()
While in fact a single tls_config_set_ca_file() call does the same.
tls_config.c r1.26 (Aug 2016) change the code but forgot to amend the manual
as noted by tb, thanks.
Feedback OK tb
show more ...
|
| #
f6b75673 |
| 29-Nov-2018 |
tedu <tedu@openbsd.org> |
expose the default cert file as a function, not a define. it's really
an internal detail of the library, so the string should live inside it,
not in the application code.
ok jsing
|
| #
5a0149f0 |
| 21-Aug-2018 |
schwarze <schwarze@openbsd.org> |
typo in argument type, from Mario dot Andres dot Campos at gmail dot com
|
| #
74a357a3 |
| 08-Oct-2017 |
jmc <jmc@openbsd.org> |
hyphenate DER/PEM-encoded, for consistency;
|
| #
5b1edaac |
| 01-Aug-2017 |
jmc <jmc@openbsd.org> |
correct function name;
from carlos cardenas
|
| #
0d038da5 |
| 06-Jul-2017 |
jsing <jsing@openbsd.org> |
Document tls_config_set_crl_file() and tls_config_set_crl_mem().
Based on a diff from Jack Burton <jack at saosce dot com dot au>, thanks!
|
| #
71144978 |
| 06-May-2017 |
jsing <jsing@openbsd.org> |
Document tls_unload_file().
|
| #
ff8b022a |
| 31-Jan-2017 |
jmc <jmc@openbsd.org> |
tweak previous;
|
| #
ef012c23 |
| 31-Jan-2017 |
beck <beck@openbsd.org> |
Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may be
added associated to a keypair used for SNI, and are usable for more than
just the "main" certificate. Modify httpd to use th
Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may be
added associated to a keypair used for SNI, and are usable for more than
just the "main" certificate. Modify httpd to use this.
Bump libtls minor.
ok jsing@
show more ...
|
| #
8b02f64e |
| 28-Jan-2017 |
schwarze <schwarze@openbsd.org> |
add HISTORY and AUTHORS
|
| #
4801fc0b |
| 27-Jan-2017 |
schwarze <schwarze@openbsd.org> |
Fix Copyright notices; ok beck@ jsing@ tedu@
|
| #
e690d60f |
| 25-Jan-2017 |
schwarze <schwarze@openbsd.org> |
split the tls_init(3) that had grown fat to allow healthy future growth;
suggested by jsing@; "i would just chuck it in" jmc@
|