Commit Graph

504 Commits

Author SHA1 Message Date
Daniel Roethlisberger
62af96e413 Clarify when it is preferred to use SNI proxyspecs 2012-05-13 22:33:31 +02:00
Daniel Roethlisberger
11fdf52553 Add NEWS file, documenting release history 2012-05-13 21:07:43 +02:00
Daniel Roethlisberger
f75d1bc01b Use some more markdown syntax 2012-05-13 18:22:23 +02:00
Daniel Roethlisberger
457c2621b8 Fix warning when SSLv2 session cache is enabled 2012-05-13 15:29:39 +02:00
Daniel Roethlisberger
8eb5165760 Optimize debug branching using __builtin_expect() 2012-05-13 15:24:50 +02:00
Daniel Roethlisberger
e270fb127b Unconditionally define _GNU_SOURCE
Get rid of the fragile glibc auto-detection mechanism and define
_GNU_SOURCE unconditionally in order to fix the build on recent GNU libc
systems such as Debian and Ubuntu.  On non-GNU libc implementations,
_GNU_SOURCE should not have any effect.

Issue:          #2
Reported by:    Vincent Bernat
2012-05-13 14:28:22 +02:00
Daniel Roethlisberger
3742404fe9 Update ECDH default curve name in manual page 2012-05-11 18:19:07 +02:00
Daniel Roethlisberger
7ad1deb680 Document intended use of SSLsplit 2012-05-11 18:12:22 +02:00
Daniel Roethlisberger
a3b6d58df4 State why ECDH is disabled with OpenSSL < 1.0.0e 2012-05-11 18:03:07 +02:00
Daniel Roethlisberger
38d22415af Generic EC loading, new default curve 'secp160r2' 2012-05-11 17:39:12 +02:00
Daniel Roethlisberger
6d58824de2 Fix typo in manual page 2012-05-03 01:01:57 +02:00
Daniel Roethlisberger
759ce87ff9 Add some basic unit tests for dynbuf 2012-05-03 00:54:10 +02:00
Daniel Roethlisberger
707480a1dd Add file comments 2012-05-02 16:24:33 +02:00
Daniel Roethlisberger
a592f7149c Improve error handling for no origcrt situations 2012-05-02 15:37:47 +02:00
Daniel Roethlisberger
605c1ab6e6 Improve error recovery under low memory conditions 2012-05-02 15:02:59 +02:00
Daniel Roethlisberger
2d1ad219b9 Change default cipher suite to "ALL:-aNULL" 2012-05-02 14:59:47 +02:00
Daniel Roethlisberger
1bd2872b20 DH group parameters are also loaded from -c 2012-05-02 13:46:18 +02:00
Daniel Roethlisberger
0e19243307 Reorder wildcard rules and improve error messages 2012-05-02 13:35:36 +02:00
Daniel Roethlisberger
43df203914 Handle empty strings correctly in URL routines 2012-05-01 02:01:31 +02:00
Daniel Roethlisberger
b6a0ff0c76 Free proxyspecs if they (unexpectedly) parse okay 2012-05-01 01:47:01 +02:00
Daniel Roethlisberger
ddbb945406 Rename unit test sources to fix language detection 2012-05-01 01:42:59 +02:00
Daniel Roethlisberger
90351cda7f Handle SSL_ERROR_SSL quietly when shutting down 2012-04-30 23:27:51 +02:00
Daniel Roethlisberger
5861d786f5 Update TODO 2012-04-30 23:27:41 +02:00
Daniel Roethlisberger
982ad89f2f Add generation of a password protected RSA key 2012-04-30 22:48:19 +02:00
Daniel Roethlisberger
e6c7b2e3ca Mention PKG_CONFIG_PATH 2012-04-23 01:03:38 +02:00
Daniel Roethlisberger
fa425e08d4 Fix PURIFY and warn when not seeding the RNG 2012-04-23 00:51:02 +02:00
Daniel Roethlisberger
439e8a8267 Use WUNRES and MALLOC attribs and fix sloppy code 2012-04-23 00:35:17 +02:00
Daniel Roethlisberger
64cf874925 Header self-sufficience cleanup round 2012-04-23 00:33:33 +02:00
Daniel Roethlisberger
7aca81a7b7 Improve CA cert/key config code and docs
Make -c and -k functional twins by also loading DH params in -c and by
fixing certificate loading in -k.  Improve the documentation for both
switches and simplify the SYNOPSIS in sslsplit(1).
2012-04-22 22:59:00 +02:00
Daniel Roethlisberger
c5335afc3b Handle empty strings correctly in Base64 routines 2012-04-22 22:30:32 +02:00
Daniel Roethlisberger
3fd9084fe1 Quickly decide on GET URIs obviously not OCSP 2012-04-22 21:55:19 +02:00
Daniel Roethlisberger
ee98c04b29 Add generic OCSP denial 2012-04-22 19:12:38 +02:00
Daniel Roethlisberger
bd86854be6 Add URL decoder 2012-04-22 18:39:15 +02:00
Daniel Roethlisberger
a224d1e7e8 Add facility to recognize OCSP requests 2012-04-22 18:02:58 +02:00
Daniel Roethlisberger
f354aecfd9 Add base64 encoder and decoder implementations 2012-04-22 17:59:49 +02:00
Daniel Roethlisberger
480dbca2bb Remove bogus test case numbers 2012-04-22 16:47:29 +02:00
Daniel Roethlisberger
9f40fbc473 Replace empty strings with dash when logging 2012-04-22 13:36:44 +02:00
Daniel Roethlisberger
07d591fccf Skip whitespace when parsing HTTP headers 2012-04-22 13:35:08 +02:00
Daniel Roethlisberger
f57062ccda Add __attribute__((pure)) 2012-04-22 13:25:57 +02:00
Daniel Roethlisberger
083b02d78d Minor reformatting 2012-04-22 12:43:23 +02:00
Daniel Roethlisberger
94b5e8ba7b Revert CDP syntax to be OpenSSL 0.9.x compatible 2012-04-18 00:05:15 +02:00
Daniel Roethlisberger
8474346ed9 Rebuild certs after config changes 2012-04-18 00:05:15 +02:00
Daniel Roethlisberger
8b520cf4de Redirect BSD make to GNU make 2012-04-18 00:02:14 +02:00
Daniel Roethlisberger
d4be8c3e38 Refactor ssl_x509_names_to_str() for maintainability 2012-04-17 23:35:43 +02:00
Daniel Roethlisberger
04c9112621 Add OCSP URL parsing 2012-04-17 23:03:59 +02:00
Daniel Roethlisberger
c75e0569b3 Fix ssl_x509_names() DNSName segfault 2012-04-17 22:59:15 +02:00
Daniel Roethlisberger
6a93c73164 Add test server cert with OCSP and CDP extensions 2012-04-17 22:44:06 +02:00
Daniel Roethlisberger
ae306f3b0b Fix ssl_x509_names() to NULL-terminate buffer 2012-04-17 21:55:47 +02:00
Daniel Roethlisberger
557537957f Use FORCE target to force rebuild of version.o 2012-04-13 22:55:48 +02:00
Daniel Roethlisberger
423c1b0a32 Move volatile build-time information into separate compilation unit 2012-04-13 22:40:36 +02:00