summary refs log tree commit diff
Commit message (Collapse)AuthorAge
* build: Ignore generated filesJune McEnroe2020-08-02
|
* build: Add compat sourcesJune McEnroe2020-08-02
| | | | | Copied from crypto/Makefile.am for the ones that are actually used by libtls.
* build: Strip down buildJune McEnroe2020-08-02
|
* build: Add ax_check_opensslJune McEnroe2020-07-31
|
* tls: Call SSL_CTX_set_default_verify_paths by defaultJune McEnroe2020-07-31
| | | | | | | | | | | | | | | | | | | | | | | This removes the hard dependency on a CA bundle file existing in the default path (which seems to not be the case on Debian, for example), but results in a subtle behaviour change: if the CA bundle file does not exist, the CA directory will be used instead, rather than failing hard. I believe the only reason libtls insists on loading a CA bundle file itself is so that it can be sandboxed afterwards, given that a file is loaded all at once while a directory is only loaded as needed. If the default CA bundle file exists, SSL_CTX_set_default_verify_paths will still immediately load it, so sandboxing will still work. If it doesn't exist, then the CA directory will be used, which will work well for unsandboxed applications, but will likely fail during verification as it tries to search the directory. Either way, if the CA bundle file does not exist, a sandboxed application will not work. Enabling the use of the CA directory, however, will allow more unsandboxed applications to work. Finally, to restore the original behaviour, an application can call tls_config_set_ca_file(3) with the path returned by tls_default_ca_cert_file(3).
* tls_config: Replace constant with X509_get_default_cert_file()June McEnroe2020-07-31
|
* tls_internal: Replace default ciphers with compatJune McEnroe2020-07-31
|
* tls: Implement load_verify_memJune McEnroe2020-07-31
| | | | Based on crypto/x509/by_mem.c
* tls: Implement use_certificate_chain_memJune McEnroe2020-07-31
| | | | Based on ssl/ssl_rsa.c.
* tls: Use SSL_CTX_get0_param and X509_STORE_get0_paramJune McEnroe2020-07-31
|
* tls_server: Remove SSL_OP_NO_CLIENT_RENEGOTIATIONJune McEnroe2020-07-31
| | | | This is a LibreSSL-specific option.
* tls_ocsp: Use X509_STORE_CTX_new and X509_OBJECT_newJune McEnroe2020-07-31
|
* tls_ocsp: Use ASN1_TIME_to_tmJune McEnroe2020-07-31
|
* tls_conninfo: Implement time_tm_clamp_notafterJune McEnroe2020-07-31
| | | | From crypto/asn1/a_time_tm.c
* tls_conninfo: Use ASN1_TIME_to_tmJune McEnroe2020-07-31
|
* tls_verify: Use ASN1_STRING_get0_dataJune McEnroe2020-07-31
|
* tls_bio_cb: Use public BIO interfacesJune McEnroe2020-07-31
|
* tls_server: #include <string.h>June McEnroe2020-07-30
|
* tls_client: #include <string.h>June McEnroe2020-07-30
|
* tls_util: #include <string.h>June McEnroe2020-07-30
|
* tls_config: #include <string.h>June McEnroe2020-07-30
|
* tls: #include <string.h>June McEnroe2020-07-30
|
* Import LibreSSL 3.2.0June McEnroe2020-07-30
|
* import: Add script to extract libtls from libressl-portableJune McEnroe2020-07-30
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-22 22:08:25 +0000
='2022-02-19 18:28:45 -0500'>2022-02-19Factor out window management to window.cJune McEnroe 2022-02-19Enable -Wmissing-prototypesJune McEnroe In other words, warn when a function is missing static. I don't see why this isn't in -Wextra. 2022-02-19Fix edit.[ch] license notice additional permissionsJune McEnroe 2022-02-19Run line editing testsJune McEnroe I know, it feels wrong. 2022-02-18Implement new line editing "library"June McEnroe Losing tab complete and text macros, for now. This new implementation works on an instance of a struct and does not interact with the rest of catgirl, making it possible to copy into another project. Unlike existing line editing libraries, this one is entirely abstract and can be rendered externally. My goal with this library is to be able to implement vi mode. Since it operates on struct instances rather than globals, it might also be possible to give catgirl separate line editing buffers for each window, which would be a nice UX improvement. 2022-02-18Simplify cursor positioning in inputJune McEnroe Do some extra work by adding the portion before the cursor to the input window twice, but simplify the interaction with the split point. This fixes the awkward behaviour when moving the cursor across colour codes where the code would be partially interpreted up to the cursor. 2022-02-18Fix M-f orderingJune McEnroe 2022-02-12Move sandman build to scripts/MakefileJune McEnroe 2022-02-12Use compat_readpassphrase.c on LinuxJune McEnroe 2022-02-12Copy RPP defines from oconfigureJune McEnroe