Sebastian Dransfeld
38f1292466
Check for gnutls >= 2.6
...
SVN revision: 53578
2010-10-18 18:28:11 +00:00
Cedric BAIL
313e855af5
* ecore: proper protection of newer constant.
...
SVN revision: 53567
2010-10-18 13:11:25 +00:00
Mike Blumenkrantz
38c32c19a0
add info when generating dh params so people will know wtf is going on when their app hangs for an hour on startup
...
SVN revision: 53473
2010-10-15 21:31:25 +00:00
Mike Blumenkrantz
513bdc7da1
stop trying to use ssl for local connections
...
SVN revision: 53409
2010-10-14 16:19:17 +00:00
Vincent Torri
eeb330adc3
fix doxygen warnings
...
SVN revision: 53296
2010-10-12 06:34:31 +00:00
Mike Blumenkrantz
2f5589d890
add DBG for successfully completing SSL verification. with this commit, I believe that the ssl api should be 100% functional.
...
SVN revision: 52988
2010-10-02 22:27:30 +00:00
Mike Blumenkrantz
e8ee2a75f0
require peer verification when verify is called
...
SVN revision: 52987
2010-10-02 22:01:43 +00:00
Mike Blumenkrantz
abad9a5eb3
clear out the _try series of functions because they're useless
...
SVN revision: 52985
2010-10-02 21:13:56 +00:00
Mike Blumenkrantz
01c2990b47
openssl fixes:
...
only enable CRL checking when CRLs are loaded
output full ssl session info to DBG
SVN revision: 52982
2010-10-02 09:58:06 +00:00
Mike Blumenkrantz
03d5ae91ca
formatting, correctly set ->ssl_err when appropriate, add cert verification for openssl
...
SVN revision: 52979
2010-10-02 09:14:41 +00:00
Mike Blumenkrantz
2516eec5f8
fix openssl CRL loading
...
SVN revision: 52971
2010-10-02 01:32:05 +00:00
Mike Blumenkrantz
0aaad2d41e
add returns for later certificate checking
...
SVN revision: 52916
2010-09-30 01:53:23 +00:00
Mike Blumenkrantz
585fecac5b
add fd flags for openssl
...
SVN revision: 52915
2010-09-30 01:50:58 +00:00
Mike Blumenkrantz
ce529f9758
formatting
...
SVN revision: 52914
2010-09-30 01:01:41 +00:00
Mike Blumenkrantz
a5d9f332a0
wow. just...wow
...
SVN revision: 52913
2010-09-30 00:45:48 +00:00
Mike Blumenkrantz
e3ab6e3aeb
I tried the lfelipe method: "hey, if fixing it seems to not be working, shouldn't you try to screw it up?"
...
it didn't work.
SVN revision: 52912
2010-09-30 00:01:25 +00:00
Mike Blumenkrantz
6990394b46
wow mike, you need to take a vacation. immediately.
...
change fd handler flags to be set when the handshake ISN'T finished
SVN revision: 52911
2010-09-29 23:56:31 +00:00
Mike Blumenkrantz
7cb095cc24
set fd handler flags properly from gnutls, update dbg info accordingly
...
reminder: do this for openssl later
SVN revision: 52910
2010-09-29 23:53:00 +00:00
Mike Blumenkrantz
f799de1375
even more verbose debug output
...
SVN revision: 52906
2010-09-29 22:04:11 +00:00
Mike Blumenkrantz
c0593c571a
add more debug output, and even more with -DPRINT_LOTS_OF_DEBUG
...
SVN revision: 52891
2010-09-29 14:52:36 +00:00
Mike Blumenkrantz
f5f8a3c45d
DBG output
...
SVN revision: 52875
2010-09-29 03:52:32 +00:00
Mike Blumenkrantz
ac12734be2
switch to newer priority string stuff so gnutls devs stop being dicks to us
...
SVN revision: 52865
2010-09-28 21:59:13 +00:00
Mike Blumenkrantz
7b3b888471
whoops comparison typo
...
SVN revision: 52846
2010-09-28 09:28:04 +00:00
Mike Blumenkrantz
b64b0b3ac9
first part of ssl rerererewrite: split functions, move stuff out of prepare(), and add verification for gnutls clients
...
SVN revision: 52837
2010-09-28 03:16:08 +00:00
Mike Blumenkrantz
b04f0b0360
disable rehandshake support for now
...
SVN revision: 52792
2010-09-26 23:56:31 +00:00
Mike Blumenkrantz
ec372b3bd5
whoops typo
...
SVN revision: 52712
2010-09-25 04:21:03 +00:00
Mike Blumenkrantz
0d535058a9
implement ssl rehandshakes
...
convert bool variable to bool
fix bug where ssl read/write could improperly result in disconnect
SVN revision: 52710
2010-09-25 03:02:10 +00:00
Mike Blumenkrantz
8ea3bbdd2e
fix warning detection
...
SVN revision: 52708
2010-09-24 22:49:06 +00:00
Mike Blumenkrantz
ae6f569862
remove double check for ssl
...
SVN revision: 52705
2010-09-24 20:07:55 +00:00
Mike Blumenkrantz
2430457121
don't use ssl for local connections
...
SVN revision: 52703
2010-09-24 20:03:09 +00:00
Mike Blumenkrantz
4a09cb751c
send server name extension
...
SVN revision: 52701
2010-09-24 19:47:25 +00:00
Cedric BAIL
3b324c10ed
* ecore: check GNUTLS version before using new feature.
...
SVN revision: 52680
2010-09-24 11:25:40 +00:00
Boris Faure
9d95bf5a82
ecore: fix compilation when GNUTLS_HANDSHAKE_NEW_SESSION_TICKET is not defined
...
SVN revision: 52679
2010-09-24 09:42:16 +00:00
Mike Blumenkrantz
da50c7b57d
add session ticket support for gnutls, also add extremely detailed handshake error messages
...
SVN revision: 52675
2010-09-24 06:54:49 +00:00
Mike Blumenkrantz
1757239da5
fix kx priority
...
SVN revision: 52671
2010-09-24 05:56:45 +00:00
Mike Blumenkrantz
60b4269b5f
yet another ecore_con overhaul!
...
*internal function rename
*******finally fix ssl handshaking to be non-blocking
SVN revision: 52665
2010-09-24 04:15:42 +00:00
Mike Blumenkrantz
b306683fec
something for morlenxus maybe
...
SVN revision: 52639
2010-09-23 10:35:30 +00:00
Mike Blumenkrantz
f617346761
finally. fix. openssl. again.
...
SVN revision: 52613
2010-09-23 00:16:42 +00:00
Mike Blumenkrantz
a1009c7893
cosmetic fix to use mixed protocol
...
SVN revision: 52610
2010-09-22 22:44:54 +00:00
Mike Blumenkrantz
0666d57062
better openssl error handlers
...
SVN revision: 52607
2010-09-22 22:33:02 +00:00
Mike Blumenkrantz
74d035df0b
prefer stronger anonymous client encryption
...
also some progress on openssl that does nothing except make servers take forever to start
SVN revision: 52606
2010-09-22 22:06:49 +00:00
Mike Blumenkrantz
3150202755
clean up openssl handshake
...
SVN revision: 52597
2010-09-22 17:37:25 +00:00
Vincent Torri
3fd0a6fb08
remove whitespaces
...
SVN revision: 52569
2010-09-22 08:03:38 +00:00
Mike Blumenkrantz
172da9d9cf
finally. fix. ssl.
...
SVN revision: 52567
2010-09-22 07:27:07 +00:00
Mike Blumenkrantz
787b09464b
disable PSK ciphers for now since they aren't implemented
...
SVN revision: 52565
2010-09-22 06:13:29 +00:00
Mike Blumenkrantz
5420324fd6
add ECORE_CON_USE_MIXED, which is just an alias for SSL3+TLS
...
SVN revision: 52561
2010-09-22 01:26:23 +00:00
Mike Blumenkrantz
38188213cf
!@#$ it, just going to rewrite the whole damn thing:
...
*fix gnutls client/server implementations to use correct ciphers and free memory properly
*prevent lots of segvs
this message brought to you by gnu dicks
SVN revision: 52559
2010-09-22 00:10:10 +00:00
Mike Blumenkrantz
c2da918bd5
fix ecore con openssl clients (really ecore_con_server...) sigh
...
SVN revision: 52538
2010-09-21 07:04:10 +00:00
Mike Blumenkrantz
3b55af0102
fix doxy and EAPI for ssl function
...
SVN revision: 52532
2010-09-21 05:34:10 +00:00
Mike Blumenkrantz
8e3be2fef8
FINALLY FIX OPENSSL SERVER!!!!!!!!! YESSSSSSSSSSSSSSSSSSSSS
...
SVN revision: 52497
2010-09-20 18:25:21 +00:00
Mike Blumenkrantz
27e3324ad2
remove ssl2 support completely
...
SVN revision: 52469
2010-09-19 19:38:38 +00:00
Mike Blumenkrantz
d1db6f1cf4
gnutls cleanup: only create diffie hellman bits on server init instead of for each client
...
overhead/blocking--
speed++
SVN revision: 52468
2010-09-19 19:25:47 +00:00
Mike Blumenkrantz
0c4707dcbc
finally crush the last openssl segv
...
still broken though
SVN revision: 52467
2010-09-19 18:40:43 +00:00
Carsten Haitzler
624628e9d1
more warngins--
...
SVN revision: 52460
2010-09-19 03:55:06 +00:00
Mike Blumenkrantz
4239d5d67f
giant cleanups/rewrites which are unnoticeable to users:
...
*client->server renamed client->host_server to clarify ambiguity
*ecore_con_ssl_client_prepare.* killed off because it was useless and wrong
*openssl generates only one SSL_CTX per server now instead of a new one for each client, which is broken/unnecessary/wasteful
**as a result, certificate loading is now only done once
**additionally this will save a very large amount of memory and avoid unnecessary/broken refcounting
*ecore_con_ssl_server_prepare.* rewritten to actually be useful instead of just a lazy way to null pointers
**all SSL_CTX code now goes here^
*some formatting fixes
*internal function renames
SVN revision: 52422
2010-09-18 19:26:05 +00:00
Carsten Haitzler
fa5b80b879
dont use tls max if it doesnt exist eh?
...
SVN revision: 52413
2010-09-18 11:41:15 +00:00
Mike Blumenkrantz
36bd287841
add mixed protocol for gnutls as well
...
SVN revision: 52412
2010-09-18 08:46:17 +00:00
Mike Blumenkrantz
a8ef623de7
allow mixing sslv3+tlsv1 in openssl, FINALLY FIX INITIAL BUG FOR OPENSSL SERVERS!
...
note that openssl servers still do not work because there is more than one bug :/
SVN revision: 52411
2010-09-18 08:36:13 +00:00
Mike Blumenkrantz
e9361b4e1c
whoops forgot an UNUSED for openssl
...
SVN revision: 52396
2010-09-18 05:32:27 +00:00
Mike Blumenkrantz
ac86c1aaa4
more progress on fixing openssl servers, fix all warnings, add error checking for openssl code
...
SVN revision: 52395
2010-09-18 05:31:00 +00:00
Mike Blumenkrantz
d8afcde705
add rest of ssl algorithms and clean up
...
SVN revision: 52391
2010-09-18 01:27:38 +00:00
Mike Blumenkrantz
5e499b0c0e
fix gnutls ssl
...
SVN revision: 52385
2010-09-17 19:43:03 +00:00
Mike Blumenkrantz
6542578149
new ssl error output: now with detailed location info and 50% more fiber!
...
SVN revision: 52380
2010-09-17 17:39:32 +00:00
Mike Blumenkrantz
d74f46d5a5
simplify error conditions and output errrors on failure
...
SVN revision: 52378
2010-09-17 17:22:59 +00:00
Mike Blumenkrantz
c7608248dd
enable compression for gnutls, add error checks to client functions
...
SVN revision: 52377
2010-09-17 17:18:41 +00:00
Mike Blumenkrantz
cb0c97b6c3
add error checking for servers
...
SVN revision: 52376
2010-09-17 17:03:15 +00:00
Mike Blumenkrantz
3e98b064d3
use right pointer for ssl ctx to avoid segv
...
SVN revision: 52362
2010-09-17 08:58:23 +00:00
Mike Blumenkrantz
f3a9a92d36
fix ssl to work with cert loading flag
...
SVN revision: 52361
2010-09-17 08:00:42 +00:00
Lucas De Marchi
0a4617ae38
FORMATTING
...
* Remove vim modelines:
find . -name '*.[chx]' -exec sed -i '/\/\*$/ {N;N;/ \* vim:ts/d}' \{\} \;
find . -name '*.[chx]' -exec sed -i '/\/[\*\/] *vim:/d' \{\} \;
* Remove leading blank lines:
find . -name '*.[cxh]' -exec sed -i '/./,$!d'
If you use vim, use this in your .vimrc:
set ts=8 sw=3 sts=8 expandtab cino=>5n-3f0^-2{2(0W1st0
SVN revision: 50816
2010-08-04 16:57:32 +00:00
Mike Blumenkrantz
8c946dff90
grrrrr this enum is really starting to piss me off
...
SVN revision: 50688
2010-07-30 15:57:19 +00:00
Mike Blumenkrantz
bc39497059
ssl cert cleanups: round 3
...
fix bitmask detection and refcount more correctly
SVN revision: 50679
2010-07-30 06:47:59 +00:00
Mike Blumenkrantz
3515de0a22
typos are frustratinnnnnnnnnnggggggggggggggggggggggggggggggggggggggg
...
SVN revision: 50637
2010-07-29 08:13:58 +00:00
Mike Blumenkrantz
eb9de4e5f0
redo some comments
...
SVN revision: 50628
2010-07-29 01:28:03 +00:00
Mike Blumenkrantz
94baa35276
prevent crafty users from breaking build if they define USE_OPENSSL and USE_GNUTLS
...
SVN revision: 50626
2010-07-29 00:13:56 +00:00
Mike Blumenkrantz
34bc016890
ssl uh-oh
...
SVN revision: 50612
2010-07-28 20:03:28 +00:00
Mike Blumenkrantz
76f9c81589
fix for people who compile without ssl/tls support
...
SVN revision: 50611
2010-07-28 19:58:57 +00:00
Mike Blumenkrantz
6a8c01999f
remove unused and null init a pointer
...
SVN revision: 50604
2010-07-28 18:27:47 +00:00
Mike Blumenkrantz
0bbca7c75d
fix cert support, split functions for client/server
...
note: crl checking and cert verification do not currently function
SVN revision: 50603
2010-07-28 18:25:46 +00:00
Mike Blumenkrantz
f0053045e4
add full ssl certificate support to ecore_con: call ecore_con_ssl_cert_add("/path/to/cert.pem") and then create the server object with the ECORE_CON_LOAD_CERT flag
...
also may have accidentally ruined the formatting on a couple files and started an hour-long discussion over efl formatting scripts to conceal the fact that I used uncrustify to reformat everything
SVN revision: 50529
2010-07-27 06:30:27 +00:00
Mike Blumenkrantz
7f68aaa0c0
fix fixme: free error strings on ssl shutdown
...
SVN revision: 50516
2010-07-26 20:05:50 +00:00
Vincent Torri
4d11d31e3d
* instead of including headers wrt to the OS, include them if
...
they are available
* compilation on Windows XP minimum only
SVN revision: 46338
2010-02-20 19:12:52 +00:00
Vincent Torri
3499767ddb
First steps towards the Windows port of ecore_con.
...
ecore_con_dns will be hard to port (fork+exec).
SVN revision: 46337
2010-02-20 18:01:50 +00:00
Sebastian Dransfeld
0a9456ccf7
Remove duplication from ecore headers
...
Clean up Ecore.h and ecore_private.h
SVN revision: 44664
2009-12-22 21:15:12 +00:00
Vincent Torri
4072d0b23d
* check the returned value of the _init() functions
...
* simplify a bit the init/shutdown functions
SVN revision: 42995
2009-10-10 05:28:43 +00:00
Sebastian Dransfeld
2849d938ff
include Ecore.h for ecore_main_fd_handler_active_set
...
SVN revision: 39544
2009-03-18 08:38:43 +00:00
Vincent Torri
e18508b701
remove a bit the mess n ecore. It's just the first patch...
...
* add vim header
* include config.h when necessary
* fix the order of some include
* move the standard header in ecore_private.h to the source files
I have recompiled all the efl and e17, and e17 seems to work fine with these changes.
If you encounter problems with that commit, let me know.
SVN revision: 38864
2009-01-31 18:33:39 +00:00
Sebastian Dransfeld
48202c24bc
Misc cleanup.
...
- Don't use EAPI for internal functions.
- Add prototypes to header.
- Some compiler warnings.
SVN revision: 38150
2008-12-15 17:59:19 +00:00
Cedric BAIL
6d2ca9c036
Add support for GNU TLS in ecore_con.
...
SVN revision: 37329
2008-10-30 15:26:11 +00:00