aboutsummaryrefslogtreecommitdiff
path: root/ssl.c (unfollow)
AgeCommit message (Expand)AuthorFilesLines
2011-01-06Fix compiler warning when compiling against OpenSSL 1.0.0David Sommerseth1-1/+1
2010-12-17Make the --x509-username-field feature an opt-in featureDavid Sommerseth1-0/+4
2010-11-18Fixed potential misinterpretation of boolean logicDavid Sommerseth1-1/+1
2010-11-16In verify_callback, the subject var should be freed by OPENSSL_free,James Yonan1-2/+2
2010-11-14Clean-up: Remove more dead and inactive code pathsDavid Sommerseth1-4/+0
2010-11-14Clean-up: Remove pthread and mutex locking codeDavid Sommerseth1-1/+0
2010-10-24Implement challenge/response authentication support in client mode,James Yonan1-0/+27
2010-10-21Fixed compiler warning in ssl.cDavid Sommerseth1-2/+2
2010-10-21Solved hidden merge conflict between feat_misc and bugfix2.1David Sommerseth1-1/+1
2010-10-21Fixed static defined length check to use sizeof()Emilien Mantel1-1/+1
2010-10-21Choose a different field in X509 to be usernameEmilien Mantel1-12/+17
2010-10-21ssl.c: fix use of openvpn_run_script()'s return valueFabian Knittel1-13/+5
2010-10-21Revamped the script-security warning logging (version 2)David Sommerseth1-2/+2
2010-10-21enhance tls-verify possibilityMathieu GIANNECCHINI1-0/+61
2010-10-21Reworked the eurephia patch for inclusion to the openvpn-testing treeDavid Sommerseth1-0/+14
2010-10-21Fixes openssl-1.0.0 compilation warningchantra1-3/+3
2010-10-21Fix certificate serial number exportDavide Brini1-3/+24
2010-10-21Fixed potential NULL pointer issueDavid Sommerseth1-1/+1
2010-10-21Renamed all calls to create_temp_filename()David Sommerseth1-15/+21
2010-10-21Make use of counter_type instead of int when counting bytes and network packetsDavid Sommerseth1-1/+2
2010-08-29Allow PKCS12 file content to be included inline in configuration file,James Yonan1-10/+32
2010-07-27Fixed an issue where application payload transmissions on theJames Yonan1-0/+22
2010-06-26Fixed static defined length check to use sizeof()Emilien Mantel1-1/+1
2010-06-17Choose a different field in X509 to be usernameEmilien Mantel1-12/+17
2010-06-01Implemented a key/value auth channel from client to server.James Yonan1-2/+122
2010-05-04ssl.c: fix use of openvpn_run_script()'s return valueFabian Knittel1-13/+5
2010-04-29Revamped the script-security warning logging (version 2)David Sommerseth1-2/+2
2010-04-28Updated copyright date to 2010.James Yonan1-1/+1
2010-03-12Modified ">PASSWORD:Verification Failed" management interfaceJames Yonan1-1/+1
2010-03-06Fixed an issue where if reneg-sec was set to 0 on the client,James Yonan1-2/+5
2010-03-02enhance tls-verify possibilityMathieu GIANNECCHINI1-0/+61
2010-01-16Fixed an issue where AUTH_FAILED was not being properly deliveredjames1-0/+4
2009-11-13Increase MAX_CERT_DEPTH to 16 (from 8), and when exceeded,james1-1/+4
2009-10-25On server, lock client-provided certs against mid-session TLSjames1-3/+134
2009-10-24On server, lock session username against changes in mid-session TLSjames1-2/+29
2009-09-29Added the ability for the server to provide a custom reason stringjames1-1/+18
2009-09-27Eliminated the limitation on the number of options that can be pushedjames1-3/+3
2009-05-30Update copyright to 2009.james1-1/+1
2009-05-30Fixed issue of symbol conflicts interfering with Windows CryptoAPIjames1-4/+4
2009-01-27Fixed issue involving an #ifdef in a macro reference that breaks early gccjames1-2/+5
2008-11-18Added server-side --opt-verify option: clients that connectjames1-0/+5
2008-10-31Added --no-name-remapping option to allow Common Name, X509 Subject,james1-3/+12
2008-10-28Added server-side --auth-user-pass-optional directive, to allowjames1-9/+12
2008-10-28Save X509 Subject fields to environment, using the naming convention:james1-0/+54
2008-10-27Fixed informational message in ssl.c to properly indicatejames1-1/+5
2008-10-06Copyright notice changed to reflect change in name ofjames1-1/+1
2008-09-08Fixed bug in intra-session TLS key rollover that was introduced withjames1-18/+39
2008-09-062.1_rc8 and earlier did implicit shell expansion on scriptjames1-2/+2
2008-08-10Workaround bug in OpenSSL 0.9.6b ASN1_STRING_to_UTF8, whichjames1-2/+2
2008-07-26Completely revamped the system for calling external programs and scripts:james1-21/+19
2008-07-19Modified extract_x509_field_ssl to return a status value indicatingjames1-37/+41
2008-07-19Replace leading dash ('-') characters in an X509 name with underbars ('_')james1-0/+3
2008-07-17Removed old version of extract_x509_field.james1-40/+0
2008-07-14Copyright change OpenVPN Solutions LLC -> Telethra, Inc.james1-1/+1
2008-06-11Updated copyright notice to 2008.james1-1/+1
2008-06-11Updated version to 2.1_rc7e.james1-20/+154
2008-06-04Fixed an issue in extract_x509_field_ssl where the extractionjames1-1/+1
2008-06-04Incremented version to 2.1_rc7d.james1-32/+70
2008-05-24Support asynchronous/deferred authentication injames1-44/+157
2008-05-12Moved branch into official BETA21 position.james1-8/+2
2008-02-17The new function extract_x509_field_ssl tends to breakjames1-1/+11
2008-01-21Rewrote extract_x509_field and modified COMMON_NAME_CHAR_CLASSjames1-1/+47
2008-01-21Simple fix where options->ca_file was used withoutjames1-1/+1
2007-10-22Use pkcs11-helper as external library, can be downloadedjames1-3/+5
2007-08-17AUTO_USERID feature -- if the auth-user-pass option is usedjames1-1/+1
2006-11-13New try at AUTO_USERID.james1-1/+7
2006-06-30Fixed bug introduced with the --port-share directivejames1-1/+1
2006-06-29pkcs11 changes:james1-5/+8
2006-04-05I've recently worked on a better version of pkcs11-helper. I've also mergedjames1-1/+1
2006-02-16Added --port-share option for allowing OpenVPN and HTTPSjames1-2/+4
2005-12-28Added OPENVPN_PLUGIN_TLS_FINAL plugin callback.james1-1/+11
2005-12-14svn merge -r 845:854 $SO/trunk/openvpn .james1-2/+2
2005-11-12Merged --remote-cert-ku, --remote-cert-eku, andjames1-0/+117
2005-11-08Added ENABLE_INLINE_FILES feature.james1-22/+242
2005-11-01More PKCS#11 changes.james1-1/+1
2005-10-31Windows reliability changes:james1-2/+0
2005-10-24Removed #warn from ssl.cjames1-1/+0
2005-10-20Added actual remote address used to the ">STATE" alertjames1-0/+2
2005-10-20Merged with Alon's r688.james1-2/+2
2005-10-17Brought up-to-date with Alon's PKCS11 patch atjames1-10/+1
2005-10-16VERSION 2.1_beta4 (re-released)james1-1/+1
2005-10-15svn merge -r 618:619 $SO/patches/openvpn-2-0_rc16-mh/openvpnjames1-39/+53
2005-10-15Merged --capath patch (Thomas Noel).james1-4/+24
2005-10-15Enable the use of --ca together with --pkcs12. If --ca isjames1-8/+13
2005-10-13Merged PKCS#11 patch.james1-0/+21
2005-09-26version 2.1_beta1james1-2/+2