Daniel Roethlisberger
fc8c0110c5
Do not generate ECC keys for unit tests
2012-06-05 23:24:53 +02:00
Daniel Roethlisberger
5ed3e5172b
Make explanation of DEBUG_CFLAGS clearer
2012-06-05 23:12:08 +02:00
Daniel Roethlisberger
2266f07b4f
Update TODO
2012-06-05 22:59:53 +02:00
Daniel Roethlisberger
a4040d8372
Suppress warnings for system headers with -isystem
...
Use -isystem instead of -I in CPPFLAGS to suppress compiler warnings for
system and library headers.
2012-05-23 19:09:52 +02:00
Daniel Roethlisberger
911e15763d
Add opts->debug branch prediction test case
2012-05-14 22:50:20 +02:00
Daniel Roethlisberger
ef1330d69f
Remove const from util_skipws() and add tests
2012-05-14 21:44:38 +02:00
Daniel Roethlisberger
5c048e3990
Remove unneeded include statements
2012-05-14 21:43:24 +02:00
Daniel Roethlisberger
6fe4c5bf01
Sign release tarball using GnuPG
2012-05-14 21:07:53 +02:00
Daniel Roethlisberger
62af96e413
Clarify when it is preferred to use SNI proxyspecs
2012-05-13 22:33:31 +02:00
Daniel Roethlisberger
11fdf52553
Add NEWS file, documenting release history
2012-05-13 21:07:43 +02:00
Daniel Roethlisberger
f75d1bc01b
Use some more markdown syntax
2012-05-13 18:22:23 +02:00
Daniel Roethlisberger
457c2621b8
Fix warning when SSLv2 session cache is enabled
2012-05-13 15:29:39 +02:00
Daniel Roethlisberger
8eb5165760
Optimize debug branching using __builtin_expect()
2012-05-13 15:24:50 +02:00
Daniel Roethlisberger
e270fb127b
Unconditionally define _GNU_SOURCE
...
Get rid of the fragile glibc auto-detection mechanism and define
_GNU_SOURCE unconditionally in order to fix the build on recent GNU libc
systems such as Debian and Ubuntu. On non-GNU libc implementations,
_GNU_SOURCE should not have any effect.
Issue: #2
Reported by: Vincent Bernat
2012-05-13 14:28:22 +02:00
Daniel Roethlisberger
3742404fe9
Update ECDH default curve name in manual page
2012-05-11 18:19:07 +02:00
Daniel Roethlisberger
7ad1deb680
Document intended use of SSLsplit
2012-05-11 18:12:22 +02:00
Daniel Roethlisberger
a3b6d58df4
State why ECDH is disabled with OpenSSL < 1.0.0e
2012-05-11 18:03:07 +02:00
Daniel Roethlisberger
38d22415af
Generic EC loading, new default curve 'secp160r2'
2012-05-11 17:39:12 +02:00
Daniel Roethlisberger
6d58824de2
Fix typo in manual page
2012-05-03 01:01:57 +02:00
Daniel Roethlisberger
759ce87ff9
Add some basic unit tests for dynbuf
2012-05-03 00:54:10 +02:00
Daniel Roethlisberger
707480a1dd
Add file comments
2012-05-02 16:24:33 +02:00
Daniel Roethlisberger
a592f7149c
Improve error handling for no origcrt situations
2012-05-02 15:37:47 +02:00
Daniel Roethlisberger
605c1ab6e6
Improve error recovery under low memory conditions
2012-05-02 15:02:59 +02:00
Daniel Roethlisberger
2d1ad219b9
Change default cipher suite to "ALL:-aNULL"
2012-05-02 14:59:47 +02:00
Daniel Roethlisberger
1bd2872b20
DH group parameters are also loaded from -c
2012-05-02 13:46:18 +02:00
Daniel Roethlisberger
0e19243307
Reorder wildcard rules and improve error messages
2012-05-02 13:35:36 +02:00
Daniel Roethlisberger
43df203914
Handle empty strings correctly in URL routines
2012-05-01 02:01:31 +02:00
Daniel Roethlisberger
b6a0ff0c76
Free proxyspecs if they (unexpectedly) parse okay
2012-05-01 01:47:01 +02:00
Daniel Roethlisberger
ddbb945406
Rename unit test sources to fix language detection
2012-05-01 01:42:59 +02:00
Daniel Roethlisberger
90351cda7f
Handle SSL_ERROR_SSL quietly when shutting down
2012-04-30 23:27:51 +02:00
Daniel Roethlisberger
5861d786f5
Update TODO
2012-04-30 23:27:41 +02:00
Daniel Roethlisberger
982ad89f2f
Add generation of a password protected RSA key
2012-04-30 22:48:19 +02:00
Daniel Roethlisberger
e6c7b2e3ca
Mention PKG_CONFIG_PATH
2012-04-23 01:03:38 +02:00
Daniel Roethlisberger
fa425e08d4
Fix PURIFY and warn when not seeding the RNG
2012-04-23 00:51:02 +02:00
Daniel Roethlisberger
439e8a8267
Use WUNRES and MALLOC attribs and fix sloppy code
2012-04-23 00:35:17 +02:00
Daniel Roethlisberger
64cf874925
Header self-sufficience cleanup round
2012-04-23 00:33:33 +02:00
Daniel Roethlisberger
7aca81a7b7
Improve CA cert/key config code and docs
...
Make -c and -k functional twins by also loading DH params in -c and by
fixing certificate loading in -k. Improve the documentation for both
switches and simplify the SYNOPSIS in sslsplit(1).
2012-04-22 22:59:00 +02:00
Daniel Roethlisberger
c5335afc3b
Handle empty strings correctly in Base64 routines
2012-04-22 22:30:32 +02:00
Daniel Roethlisberger
3fd9084fe1
Quickly decide on GET URIs obviously not OCSP
2012-04-22 21:55:19 +02:00
Daniel Roethlisberger
ee98c04b29
Add generic OCSP denial
2012-04-22 19:12:38 +02:00
Daniel Roethlisberger
bd86854be6
Add URL decoder
2012-04-22 18:39:15 +02:00
Daniel Roethlisberger
a224d1e7e8
Add facility to recognize OCSP requests
2012-04-22 18:02:58 +02:00
Daniel Roethlisberger
f354aecfd9
Add base64 encoder and decoder implementations
2012-04-22 17:59:49 +02:00
Daniel Roethlisberger
480dbca2bb
Remove bogus test case numbers
2012-04-22 16:47:29 +02:00
Daniel Roethlisberger
9f40fbc473
Replace empty strings with dash when logging
2012-04-22 13:36:44 +02:00
Daniel Roethlisberger
07d591fccf
Skip whitespace when parsing HTTP headers
2012-04-22 13:35:08 +02:00
Daniel Roethlisberger
f57062ccda
Add __attribute__((pure))
2012-04-22 13:25:57 +02:00
Daniel Roethlisberger
083b02d78d
Minor reformatting
2012-04-22 12:43:23 +02:00
Daniel Roethlisberger
94b5e8ba7b
Revert CDP syntax to be OpenSSL 0.9.x compatible
2012-04-18 00:05:15 +02:00
Daniel Roethlisberger
8474346ed9
Rebuild certs after config changes
2012-04-18 00:05:15 +02:00