From 6780eee3e0dbe37640f72ed1e37a95c506e23f8c Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Tue, 18 May 2021 11:19:19 +0000 Subject: Prepare for 2.4.2.0; implement client certificates with bearssl Also send a bit more environment with libtls --- NEWS | 6 ++ doc/index.html | 2 +- doc/s6-tlsd-io.html | 6 +- doc/upgrade.html | 9 ++- package/deps.mak | 9 ++- package/info | 2 +- src/include/s6-networking/sbearssl.h | 5 ++ src/sbearssl/deps-lib/sbearssl | 3 + src/sbearssl/sbearssl-internal.h | 3 + src/sbearssl/sbearssl_client_init_and_run.c | 82 +++++++++++++--------- src/sbearssl/sbearssl_get_keycert.c | 36 ++++++++++ src/sbearssl/sbearssl_get_tas.c | 33 +++++++++ src/sbearssl/sbearssl_server_init_and_run.c | 64 +++++++---------- .../sbearssl_x509_minimal_init_with_engine.c | 25 +++++++ src/stls/stls_send_environment.c | 31 +++++--- 15 files changed, 225 insertions(+), 91 deletions(-) create mode 100644 src/sbearssl/sbearssl_get_keycert.c create mode 100644 src/sbearssl/sbearssl_get_tas.c create mode 100644 src/sbearssl/sbearssl_x509_minimal_init_with_engine.c diff --git a/NEWS b/NEWS index bec55c2..0aa7b52 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,11 @@ Changelog for s6-networking. +In 2.4.2.0 +---------- + + - Actual server-side support for client certificates with BearSSL + + In 2.4.1.1 ---------- diff --git a/doc/index.html b/doc/index.html index 727b9e9..221a65b 100644 --- a/doc/index.html +++ b/doc/index.html @@ -91,7 +91,7 @@ run-time requirement if you link against its shared version.