Mike Blumenkrantz
7cc2aa0582
whoops, fix compile on unrelated change that snuck in
...
changelog tbd
SVN revision: 66004
2011-12-08 01:30:53 +00:00
Mike Blumenkrantz
e47742e142
damn you ctrl+d!
...
SVN revision: 66003
2011-12-08 01:23:10 +00:00
Mike Blumenkrantz
b40fa86b4a
+ecore_con_ssl_server_verify_name_set/get
...
SVN revision: 66002
2011-12-08 01:14:55 +00:00
Mike Blumenkrantz
f0e4cb8e79
allow certificates to be loaded for STARTTLS
...
SVN revision: 66000
2011-12-07 23:36:15 +00:00
Mike Blumenkrantz
d9587433b5
remove some unused functions pointed out by Joerg Sonnenberger <joerg@britannica.bec.de>
...
SVN revision: 65798
2011-12-02 03:27:04 +00:00
Mike Blumenkrantz
be730ca826
rewrite a few small things to make code more clear
...
SVN revision: 65360
2011-11-18 03:59:00 +00:00
Mike Blumenkrantz
491fe6b0d6
remove some unused vars
...
SVN revision: 64964
2011-11-09 01:19:14 +00:00
Cedric BAIL
1dc2512897
efl: remove mman as we Eina_File now.
...
Patch from Vincent Torri.
SVN revision: 62244
2011-08-09 09:19:25 +00:00
Mike Blumenkrantz
9d235b3fc7
switch over all buffers to use binbufs
...
SVN revision: 61423
2011-07-16 13:07:39 +00:00
Mike Blumenkrantz
3bde9147fb
apparently SSL_set_verify with SSL_VERIFY_PEER is NOT sufficient for validating a certificate as its man page implies. good thing the correct way is properly docu...right. openssl. riiiiiiiiiggghhht.
...
+ecore_con_ssl_server_verify_basic for checking a cert against its hostname
SVN revision: 60673
2011-06-25 08:39:07 +00:00
Mike Blumenkrantz
64731e1dc9
+ecore_con_ssl_server_upgrade
...
+ecore_con_ssl_client_upgrade
+ECORE_CON_EVENT_SERVER_UPGRADE
+ECORE_CON_EVENT_CLIENT_UPGRADE
new functions for upgrading an existing plaintext connection to SSL/TLS, as seen in STARTTLS and my nightmares
SVN revision: 60359
2011-06-15 18:58:34 +00:00
Cedric BAIL
a3957ae5df
ecore: fix ifdef order.
...
SVN revision: 59381
2011-05-14 12:53:00 +00:00
Cedric BAIL
541bc1158b
ecore: sync GNUTLS threads support with Eina threads support.
...
At least now, if you rebuild the efl in the right order, you
can't end with one library initializing GnuTLS without threads
support and another needing GnuTLS with threads support.
SVN revision: 59379
2011-05-14 09:22:15 +00:00
Daniel Juyung Seo
6ef3841a37
Ecore: Removed trailing whitespaces.
...
SVN revision: 58753
2011-04-20 14:15:33 +00:00
Mike Blumenkrantz
59cf6d359c
fix stupid 64bit compile warning from stupid gnutls api bug
...
SVN revision: 57901
2011-03-19 20:27:16 +00:00
Mike Blumenkrantz
6fe0efadd5
fix stupid openssl crash
...
SVN revision: 57878
2011-03-19 05:02:37 +00:00
Mike Blumenkrantz
84cd9199de
avoid double printing errors
...
SVN revision: 56934
2011-02-10 19:22:30 +00:00
Mike Blumenkrantz
daafddb571
implement full event-driven error messaging api for all non-curl ecore_con
...
docs are in the header, happy birthday cedric
SVN revision: 56894
2011-02-10 08:49:23 +00:00
Mike Blumenkrantz
5af9081342
finally fix stupid ssl read bug for long transfers! also added a couple more error checks and reordered things to read a little better
...
SVN revision: 55577
2010-12-16 07:43:48 +00:00
Mike Blumenkrantz
1d759c88d1
only enable extensive ssl logging with compile define set to avoid massive slowdown
...
SVN revision: 55106
2010-12-01 03:19:28 +00:00
Mike Blumenkrantz
f334d907ae
robustify ssl handshaking by catching extremely rare cases when the session has been deleted between handshake calls usually caused by thousands of concurrent sessions. yes, I'm benchmarking.
...
SVN revision: 54269
2010-11-07 05:36:40 +00:00
Mike Blumenkrantz
ddd151bf37
reformat using ecrustify because uncrustify dicked it up previously
...
SVN revision: 54128
2010-11-03 17:58:37 +00:00
Mike Blumenkrantz
ecd54f41fe
because SUCCESS is not an error.
...
SVN revision: 54078
2010-11-01 20:46:39 +00:00
Mike Blumenkrantz
e4439fb0c6
add a sweet DBG logging function for gnutls because logging info rules
...
SVN revision: 53980
2010-10-29 04:31:16 +00:00
Mike Blumenkrantz
c469c5bddf
comment out all psk code since I haven't implemented it yet, fix gnutls servers (how the hell did it break?????)
...
SVN revision: 53979
2010-10-28 23:51:08 +00:00
Mike Blumenkrantz
4ca9db7909
a little bit of reformatting, be explicit with dhp allocation, and add server verification for client certs (apparently I was off my cut and paste game that day)
...
SVN revision: 53974
2010-10-28 18:25:35 +00:00
Mike Blumenkrantz
a09f61a9f8
remove unnecessary ifdef
...
SVN revision: 53965
2010-10-28 16:07:47 +00:00
Mike Blumenkrantz
b40a8e7efe
wnen I said gnutls on my last commit, I really meant openssl. but when I say gnutls on this commit, I mean gnutls. really.
...
SVN revision: 53961
2010-10-28 14:48:25 +00:00
Mike Blumenkrantz
9e5e01219c
add more gnutls info for dhp generation so you can tell if it ever stops
...
SVN revision: 53959
2010-10-28 14:07:47 +00:00
Mike Blumenkrantz
3638b837cc
only set openssl verify when needed to avoid some handshake errors
...
SVN revision: 53955
2010-10-28 13:15:36 +00:00
Mike Blumenkrantz
de31d29f65
hmmm actually this is probably the better way to fix it with maximum laziness
...
SVN revision: 53937
2010-10-27 20:52:36 +00:00
Mike Blumenkrantz
d9d3d63f42
fix potential crash when someone specifies a weird/nonexistent ssl type
...
SVN revision: 53936
2010-10-27 20:51:09 +00:00
Sebastian Dransfeld
34cecc6810
We always require gnutls >= 2.10
...
SVN revision: 53911
2010-10-27 07:09:16 +00:00
Sebastian Dransfeld
38f1292466
Check for gnutls >= 2.6
...
SVN revision: 53578
2010-10-18 18:28:11 +00:00
Cedric BAIL
313e855af5
* ecore: proper protection of newer constant.
...
SVN revision: 53567
2010-10-18 13:11:25 +00:00
Mike Blumenkrantz
38c32c19a0
add info when generating dh params so people will know wtf is going on when their app hangs for an hour on startup
...
SVN revision: 53473
2010-10-15 21:31:25 +00:00
Mike Blumenkrantz
513bdc7da1
stop trying to use ssl for local connections
...
SVN revision: 53409
2010-10-14 16:19:17 +00:00
Vincent Torri
eeb330adc3
fix doxygen warnings
...
SVN revision: 53296
2010-10-12 06:34:31 +00:00
Mike Blumenkrantz
2f5589d890
add DBG for successfully completing SSL verification. with this commit, I believe that the ssl api should be 100% functional.
...
SVN revision: 52988
2010-10-02 22:27:30 +00:00
Mike Blumenkrantz
e8ee2a75f0
require peer verification when verify is called
...
SVN revision: 52987
2010-10-02 22:01:43 +00:00
Mike Blumenkrantz
abad9a5eb3
clear out the _try series of functions because they're useless
...
SVN revision: 52985
2010-10-02 21:13:56 +00:00
Mike Blumenkrantz
01c2990b47
openssl fixes:
...
only enable CRL checking when CRLs are loaded
output full ssl session info to DBG
SVN revision: 52982
2010-10-02 09:58:06 +00:00
Mike Blumenkrantz
03d5ae91ca
formatting, correctly set ->ssl_err when appropriate, add cert verification for openssl
...
SVN revision: 52979
2010-10-02 09:14:41 +00:00
Mike Blumenkrantz
2516eec5f8
fix openssl CRL loading
...
SVN revision: 52971
2010-10-02 01:32:05 +00:00
Mike Blumenkrantz
0aaad2d41e
add returns for later certificate checking
...
SVN revision: 52916
2010-09-30 01:53:23 +00:00
Mike Blumenkrantz
585fecac5b
add fd flags for openssl
...
SVN revision: 52915
2010-09-30 01:50:58 +00:00
Mike Blumenkrantz
ce529f9758
formatting
...
SVN revision: 52914
2010-09-30 01:01:41 +00:00
Mike Blumenkrantz
a5d9f332a0
wow. just...wow
...
SVN revision: 52913
2010-09-30 00:45:48 +00:00
Mike Blumenkrantz
e3ab6e3aeb
I tried the lfelipe method: "hey, if fixing it seems to not be working, shouldn't you try to screw it up?"
...
it didn't work.
SVN revision: 52912
2010-09-30 00:01:25 +00:00
Mike Blumenkrantz
6990394b46
wow mike, you need to take a vacation. immediately.
...
change fd handler flags to be set when the handshake ISN'T finished
SVN revision: 52911
2010-09-29 23:56:31 +00:00