1. 13 Jan, 2009 2 commits
  2. 08 Jan, 2009 1 commit
  3. 05 Jan, 2009 3 commits
  4. 16 Dec, 2008 2 commits
    • Jarod Neuner's avatar
      Early TLS Handshake and Verification · 4af68bbd
      Jarod Neuner authored
      tport_type_tls.c:
      * tport_tls_accept():
        - Replaces tport_accept for incoming TLS connections.
      * tport_tls_connect():
        - Replaces tport_base_connect() for outgoing TLS connections.
      
      tport_tls.c:
      * tls_t now use a memory home instead of malloc.
      * removed tls_check_hosts()
      * tls_connect():
        - Replaces tport_base_connect for TLS connection setup.
        - Completes TLS handshake and verifies peer certificates.
        - Destroys suspect TLS connections before sending/receiving payload.
        - Populates a su_strlst_t with subjects from the peer certificate.
      
      tport.c:
      * tport_is_verified()
        - true if peer certificate validated successfully
      * tport_delivered_from_subjects()
        - Certificate subjects listed in the peer certificate.
      
      darcs-hash:20081216221937-2152f-3d6b74d411b57c22230e4840fca133da48c86368.gz
      4af68bbd
    • Jarod Neuner's avatar
      Helper functions for vtp_connect and vtp_wakeup_pri. · f799e03c
      Jarod Neuner authored
      - Expose tport_setname() and tport_wakeup() via tport_internal.h
      - Add tport_register_secondary() for adding secondaries to a root, and
        to alleviate the need to export tprb_append.
      
      darcs-hash:20081216175826-2152f-1a5680d4ca61ba2405b497cfc12bde3a776bfd64.gz
      f799e03c
  5. 19 Dec, 2008 1 commit
  6. 28 Nov, 2008 2 commits
  7. 27 Nov, 2008 24 commits
  8. 26 Nov, 2008 3 commits
    • Paulo Pizarro paulo DOT pizarro AT gmail DOT com's avatar
      tport: new tag TPTAG_TLS_VERIFY_PEER · 0c8aac4a
      With this tag, the verification of certificates can be controlled:
      0: no verify certificates.
      1: on server mode, the certificate returned by client is checked and
         if fail the TLS/SSL handshake is immediately terminated.
      1: on client mode, the server certificate is verified and
         if fail the TLS/SSL handshake is immediately terminated.
      
      I added this tag, because I'd like that my application not connected to a
      server with a untrusted certificate.
      
      darcs-hash:20081126184231-daa5a-26fe2a4f958d2f931d3f7e9b31bc0426e7250a1f.gz
      0c8aac4a
    • Pekka Pessi's avatar
      tport.c: cleared whitespace · 08287d39
      Pekka Pessi authored
      darcs-hash:20081126183839-db55f-8bc76861b38b4cdd6423e5fcaf645bcad55f24b8.gz
      08287d39
    • Pekka Pessi's avatar
      tport.c: log real transport name by tport_vsend() · 7fe6cb69
      Pekka Pessi authored
      darcs-hash:20081126183803-db55f-727c15892f5adb0e8e4eab1adb6d8736aec37042.gz
      7fe6cb69
  9. 12 Jul, 2008 1 commit
  10. 05 Jun, 2008 1 commit