Prepare for 2.4.1.0; add SSL_TLS_SNI_SERVERNAME

6 files changed, 38 insertions, 9 deletions

diff --git a/doc/index.html b/doc/index.html
index 904fc85..7d39b4e 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -44,15 +44,15 @@ compiled with IPv6 support, s6-networking is IPv6-ready.
  <li> A POSIX-compliant system with a standard C development environment </li>
  <li> GNU make, version 3.81 or later </li>
  <li> <a href="//skarnet.org/software/skalibs/">skalibs</a> version
-2.10.0.0 or later. It's a build-time requirement. It's also a run-time
+2.10.0.1 or later. It's a build-time requirement. It's also a run-time
 requirement if you link against the shared version of the skalibs
 library. </li>
  <li> (Optional, but recommended) <a href="//skarnet.org/software/execline/">execline</a> version
-2.7.0.0 or later. It's a build-time and run-time requirement. </li>
+2.7.0.1 or later. It's a build-time and run-time requirement. </li>
  <li> <a href="//skarnet.org/software/s6/">s6</a> version
-2.10.0.0 or later. It's a build-time and run-time requirement. </li>
+2.10.0.1 or later. It's a build-time and run-time requirement. </li>
  <li> <a href="//skarnet.org/software/s6-dns/">s6-dns</a> version
-2.3.3.0 or later. It's a build-time requirement. It's also a run-time
+2.3.5.0 or later. It's a build-time requirement. It's also a run-time
 requirement if you link against the shared version of the s6-dns
 libraries. </li>
  <li> If you want to build the secure communication tools:
@@ -80,7 +80,7 @@ run-time requirement if you link against its shared version. </li>
 
 <ul>
  <li> The current released version of s6-networking is
-<a href="s6-networking-2.4.0.0.tar.gz">2.4.0.0</a>. </li>
+<a href="s6-networking-2.4.1.0.tar.gz">2.4.1.0</a>. </li>
  <li> Alternatively, you can checkout a copy of the
 <a href="//git.skarnet.org/cgi-bin/cgit.cgi/s6-networking/">s6-networking
 git repository</a>:
diff --git a/doc/s6-tlsc-io.html b/doc/s6-tlsc-io.html
index b2e9ce1..9999d4f 100644
--- a/doc/s6-tlsc-io.html
+++ b/doc/s6-tlsc-io.html
@@ -205,8 +205,11 @@ TLS handshake has completed, some data (terminated by two null
 characters) will be sent to file descriptor <em>notif</em>. The
 data contains information about the TLS parameters of the connection;
 its exact contents are left unspecified, but there's at least
-a <tt>SSL_PROTOCOL=<em>protocol</em></tt> string
-and a <tt>SSL_CIPHER=<em>cipher</em></tt> string, both null-terminated.
+a <tt>SSL_PROTOCOL=<em>protocol</em></tt> string,
+a <tt>SSL_CIPHER=<em>cipher</em></tt> string,
+and a <tt>SSL_TLS_SNI_SERVERNAME=<em>servername</em></tt> string
+ all null-terminated. (<em>servername</em> is the empty string if
+no SNI has been required.)
 Sending this data serves a dual purpose: telling the <em>notif</em>
 reader that the handshake has completed, and providing it with some
 basic information about the connection. If this option is not given,
diff --git a/doc/s6-tlsc.html b/doc/s6-tlsc.html
index 5ff3431..32070c0 100644
--- a/doc/s6-tlsc.html
+++ b/doc/s6-tlsc.html
@@ -95,6 +95,8 @@ environment variables:
 TLSv1, TLSv1.1, TLSv1.2... </li>
  <li> <tt>SSL_CIPHER</tt> contains the name of the cipher
 used. </li>
+ <li> <tt>SSL_TLS_SNI_SERVERNAME</tt> contains the required SNI
+server name, if any, or is empty otherwise. </li>
  <li> More similar environment variables containing information
 about the connection may be added in the future. </li>
 </ul>
diff --git a/doc/s6-tlsd-io.html b/doc/s6-tlsd-io.html
index 8f84728..53b1282 100644
--- a/doc/s6-tlsd-io.html
+++ b/doc/s6-tlsd-io.html
@@ -200,8 +200,11 @@ TLS handshake has completed, some data (terminated by two null
 characters) will be sent to file descriptor <em>notif</em>. The
 data contains information about the TLS parameters of the connection;
 its exact contents are left unspecified, but there's at least
-a <tt>SSL_PROTOCOL=<em>protocol</em></tt> string
-and a <tt>SSL_CIPHER=<em>cipher</em></tt> string, both null-terminated.
+a <tt>SSL_PROTOCOL=<em>protocol</em></tt> string,
+a <tt>SSL_CIPHER=<em>cipher</em></tt> string,
+and a <tt>SSL_TLS_SNI_SERVERNAME=<em>servername</em></tt> string
+ all null-terminated. (<em>servername</em> is the empty string if
+no SNI has been required.)
 Sending this data serves a dual purpose: telling the <em>notif</em>
 reader that the handshake has completed, and providing it with some
 basic information about the connection. If this option is not given,
diff --git a/doc/s6-tlsd.html b/doc/s6-tlsd.html
index 579c63c..83b70c1 100644
--- a/doc/s6-tlsd.html
+++ b/doc/s6-tlsd.html
@@ -104,6 +104,8 @@ environment variables:
 TLSv1, TLSv1.1, TLSv1.2... </li>
  <li> <tt>SSL_CIPHER</tt> contains the name of the cipher
 used. </li>
+ <li> <tt>SSL_TLS_SNI_SERVERNAME</tt> contains the required SNI
+server name, if any, or is empty otherwise. </li>
  <li> More similar environment variables containing information
 about the connection may be added in the future. </li>
 </ul>
diff --git a/doc/upgrade.html b/doc/upgrade.html
index 4df1cb7..c285749 100644
--- a/doc/upgrade.html
+++ b/doc/upgrade.html
@@ -18,6 +18,25 @@
 
 <h1> What has changed in s6-networking </h1>
 
+<h2> in 2.4.1.0 </h2>
+
+<ul>
+ <li> <a href="//skarnet.org/software/skalibs/">skalibs</a>
+dependency bumped to 2.10.0.1 </li>
+ <li> <a href="//skarnet.org/software/execline/">execline</a>
+dependency bumped to 2.7.0.1 </li>
+ <li> <a href="//skarnet.org/software/s6/">s6</a>
+dependency bumped to 2.10.0.1 </li>
+ <li> <a href="//skarnet.org/software/s6-dns/">s6-dns</a>
+dependency bumped to 2.3.5.0. </li>
+ <li> Handshake timeout is now functional with the <em>libtls</em>
+backend (previously it only was with the <em>bearssl</em> backend). </li>
+ <li> <a href="s6-tlsc-io.html">s6-tlsc-io</a> and
+<a href="s6-tlsd-io.html">s6-tlsd-io</a> now send the SNI server name,
+if any, in their notification message (when the <tt>-d</tt> option is
+active), in the <tt>SSL_TLS_SNI_SERVERNAME</tt> variable. </li>
+</ul>
+
 <h2> in 2.4.0.0 </h2>
 
 <ul>