summaryrefslogtreecommitdiffstats
path: root/tdeio/kssl
Commit message (Collapse)AuthorAgeFilesLines
* KSSL: Set hostname in TLSext to enable SNI supportSlávek Banko2017-04-091-0/+6
| | | | Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
* KSSL: Use TLS_client_method instead of TLSv1_client_methodSlávek Banko2017-04-091-7/+9
| | | | | | | This enables TLS protocols newer than v1.0 This resolves bug 2764 Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
* Added support for OpenSSL 1.1Slávek Banko2017-01-0112-362/+975
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some KOpenSSLProxy methods have been renamed to be consistent with OpenSSL 1.1 API names and to prevent hidden API changes. To ensure API / ABI compatibility, the original methods are still included but have been marked as deprecated. + SSLv23_client_method => TLS_client_method + X509_STORE_CTX_set_chain => X509_STORE_CTX_set0_untrusted + sk_dup => OPENSSL_sk_dup + sk_free => OPENSSL_sk_free + sk_new => OPENSSL_sk_new + sk_num => OPENSSL_sk_num + sk_pop => OPENSSL_sk_pop + sk_push => OPENSSL_sk_push + sk_value => OPENSSL_sk_value Additional methods have been added to KOpenSSLProxy to support the new OpenSSL 1.1 API functions that provide access to the (now) opaque SSL structures. Compatibility with OpenSSL < 1.1 is handled internally in KOpenSSLProxy. + BIO_get_data + DSA_get0_key + DSA_get0_pqg + EVP_PKEY_base_id + EVP_PKEY_get0_DSA + EVP_PKEY_get0_RSA + RSA_get0_key + X509_CRL_get0_lastUpdate + X509_CRL_get0_nextUpdate + X509_OBJECT_get0_X509 + X509_OBJECT_get_type + X509_STORE_CTX_get_current_cert + X509_STORE_CTX_get_error + X509_STORE_CTX_get_error_depth + X509_STORE_CTX_set_error + X509_STORE_get0_objects + X509_STORE_set_verify_cb + X509_get0_signature + X509_getm_notAfter + X509_getm_notBefore + X509_subject_name_cmp + _SSL_session_reused + _SSL_set_options Method "KSSL::setSession" has been renamed to "KSSL::takeSession" and its functionality has changed: the session is now transferred from the argument object to the invoked object. Since it is only used internally in TDE and the functionality is different, the method with the previous name has not been preserved. Signed-off-by: Slávek Banko <slavek.banko@axis.cz> Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
* Parse GENERALIZEDTIME ASN structuresTimothy Pearson2016-09-061-12/+21
| | | | This fixes certificate dates beyond year 2049.
* Fix crash on KSSLCertificate deallocation when a CRL is held in the ↵Timothy Pearson2015-10-231-0/+2
| | | | KSSLCertificate object
* Fix memory leak when deleting a KSSLCertificate that holds a CRLTimothy Pearson2015-10-233-1/+17
|
* Add initial CRL support to KSSLCertificateTimothy Pearson2015-09-034-4/+88
|
* Fix unused variable compiler warningsTimothy Pearson2015-09-031-5/+4
|
* Fix compiler warning regarding missing bracesTimothy Pearson2015-09-031-18/+22
|
* Check if SSL symbols exist before attempting to load themTimothy Pearson2013-11-101-171/+174
| | | | This relates to Bug 1655
* Rename KWallet to TDEWalletTimothy Pearson2013-08-271-2/+2
|
* Fix security issue when displaying certificate informations (CVE-2011-3365)Francois Andriot2013-06-011-6/+15
|
* Rename additional header files to avoid conflicts with KDE4Timothy Pearson2013-02-1510-18/+18
|
* Rename common header files for consistency with class renamingTimothy Pearson2013-02-143-3/+3
|
* Rename KLocale to enhance compatibility with KDE4Timothy Pearson2013-02-011-2/+2
|
* Rename KStandard for enhanced compatibility with KDE4Timothy Pearson2013-01-313-4/+4
|
* Rename a number of libraries and executables to avoid conflicts with KDE4Timothy Pearson2013-01-27126-0/+17878