Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-09-20 | Remove extra warning when s6-tcpserver-access has no ruleset | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-09-11 | Remove s6-tcpserver?d dependency on libs6 | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-09-09 | Fix s6-tlsd fd fux | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-09-09 | Use cspawn (skalibs-2.14) | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-09-08 | Fully defork s6-tlsc and s6-tlsd | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-09-08 | Refactor s6-tls[cd] so they're ready to port to posix_spawn | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-09-08 | New versions of s6-tcpserver4d and s6-tcpserver6d | Laurent Bercot | |
- both now use posix_spawn when available - s6-tcpserver4d uses avltree for logarithmic lookups - s6-tcpserver6d still has the linear lookup - the point was to benchmark linear vs logarithmic, but the fork() overhead overshadowed everything - now with fork() out of the way, I'm going back to benchmarks Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-08-09 | Fix s6-tcpserver verbosity invocation | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-08-09 | Fix s6-tlsserver tcpaccess invocation condition | Laurent Bercot | |
Also fix s6-tlsclient storage reservation Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-08-08 | Prepare for 2.5.1.4; fix s6-tlsserver -Y|-y | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-02-15 | Autoset INTERNAL_LIBS | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-01-23 | bugfix: s6net_ident_reply_get uninitialized variable | Laurent Bercot | |
Thanks hurufu. Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2023-01-18 | QoL: more client warnings / earlier exit when taiclock or ntp exchange fails | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-11-29 | Prepare for 2.5.1.2 | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-10-14 | Bring libsbearssl doc up to date. | Laurent Bercot | |
Also fix a typo in sbearssl.h Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-10-07 | bugfix: sbearssl_run adapted to new allread() API | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-10-07 | Add workaround to bearssl regression with BR_FEATURE_X509_TIME_CALLBACK | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-08-30 | s6-tls[cd]: don't leak useless fd to the app | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-08-12 | sbearssl_sni_policy_vtable: use the COPY macro for ec as well | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-07-18 | Fix allread errno management | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2022-04-09 | Prepare for 2.5.1.1; adapt to skalibs-2.12.0.0 | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-11-19 | Add sbearssl_*_set_tain(n)_g convenience macros | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-11-18 | Allow SNI wildcarding for *.example.com | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-11-18 | SNI matches are case-insensitive | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-11-09 | Fix error path in add_keypair_file for sbearssl SNI policy | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-11-09 | Fix error message in sbearssl server init | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-11-08 | No need for twice the workaround ^^' | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-10-19 | Workaround for a bearssl bug in do_sign | Laurent Bercot | |
Credit to Erico Nogueira for reporting and helping find the bug. Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-10-18 | Fix error case in readbigpem | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-09-24 | Fix sbearssl send_environment protocol | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-09-24 | Log client decision on s6-ucspitls[cd] -v2 | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-08-10 | Adapt to skalibs-2.11.0.0 | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-07-23 | Prepare for 2.5.0.0; remove minidentd | Laurent Bercot | |
Signed-off-by: Laurent Bercot <ska@appnovation.com> | |||
2021-06-03 | Cosmetics | Laurent Bercot | |
2021-06-03 | Inline functions | Laurent Bercot | |
2021-06-03 | Don't hardcode ecdsa signature implementation in sni_policy | Laurent Bercot | |
2021-06-02 | Work around incredible libtls stupidity | Laurent Bercot | |
2021-06-02 | Correctly clean up the environment for -z | Laurent Bercot | |
2021-06-02 | Debug session. Now works. | Laurent Bercot | |
The environment given to the application still needs to be cleaned up of SNI variables. | |||
2021-06-01 | Merge branch 'dev' | Laurent Bercot | |
This add full client certificate support, as well as tentative SNI functionality | |||
2021-06-01 | Add servername to storagedev | Laurent Bercot | |
2021-06-01 | Make stuff build | Laurent Bercot | |
Still not working: we need to add servername to the storage | |||
2021-06-01 | Add all the missing pieces for sni_policy | Laurent Bercot | |
sbearssl_server_init_and_run is yet unchanged, the next step is to rewrite it using the new primitives. | |||
2021-05-30 | bugfix: -l option in s6-tlsserver takes an arg | Laurent Bercot | |
2021-05-30 | Start work on bearssl server-side sni | Laurent Bercot | |
2021-05-28 | Server-side SNI, libtls version | Laurent Bercot | |
Implementation for bearssl coming soon. | |||
2021-05-27 | All good, remove debug instructions | Laurent Bercot | |
2021-05-27 | Remove backtraces; add verification impls to server engines | Laurent Bercot | |
2021-05-27 | Add backtrace invocation to debug spurious get_pkey call | Laurent Bercot | |
2021-05-25 | More debug commands | Laurent Bercot | |