Commit Graph

68 Commits (062699334e8b50f6d8d9b2f5d06f44aba96c8408)

Author SHA1 Message Date
Koichiro IWAO 74497752dc
Add TLSv1.3 support
6 years ago
daixj 88b3c06311 fix issue #1112: set SSL object's read_ahead flag to be 0
7 years ago
Koichiro IWAO b2b42d28f3
xrdp: add OpenSSL version to --version
7 years ago
speidy a432969746 common: ssl_calls: add support for OpenSSL>=1.1.0 API for DH keys
7 years ago
speidy 8effc09ab7 common: ssl_calls: check if SSL object created right after its creation.
7 years ago
Koichiro IWAO e3d0fd6d46
common: temporarily disable DHE
7 years ago
Koichiro IWAO 1690950cc8
common: regenerate dhparam
7 years ago
Koichiro IWAO 578d23477c
common: obey coding style, remove trailing space
7 years ago
Enrico Tagliavini 70b5adb396 add support for DHE ciphers via compiled in dhparam
7 years ago
Enrico Tagliavini 6cdc0f31b0 enable automatic ECDH when possible (openssl 1.0.2)
7 years ago
Koichiro IWAO 793a418cfb
common: log what value is set to tls_ciphers
7 years ago
Jay Sorg a9eb21e6d7 common: avoid 100% cpu on ssl accept, can be fake client
7 years ago
Koichiro IWAO 04187945a8 move base64 functions to base64.c
7 years ago
Koichiro IWAO d57e02626d add base64_decode function
7 years ago
Koichiro IWAO aa4b90d250 Change log level DEBUG -> WARNING
7 years ago
Koichiro IWAO 455c341efc Reword log messages in ssl_get_protocols_from_string()
7 years ago
Jay Sorg 8d63c32899 move openssl calls to common/libssl.c, check for defines
8 years ago
Jay Sorg 2c96908ea5 common: if SSL_shutdown fails, only call one more time
8 years ago
Jay Sorg 75fd3fcf89 common: ssl_tls_write / read return 0 on socket close
8 years ago
Pavel Roskin 6ed4c969f4 Eliminate APP_CC and DEFAULT_CC
8 years ago
Pavel Roskin b2d3dcf169 Include config_ac.h from all source files
8 years ago
Koichiro IWAO e94ab10e14 TLS: new method to specify SSL/TLS version
8 years ago
Jay Sorg 657f6f3756 common: use select for SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE tls errors
8 years ago
Pavel Roskin dc1e341f5a Constify input arguments of ssl_mod_exp() and ssl_gen_key_xrdp1()
8 years ago
Pavel Roskin 6a3f0a75bd Remove support for OpenSSL older than 0.9.8
8 years ago
Idan Freiberg 19375dda7a Merge pull request #426 from metalefty/log-tls-version-and-cipher
8 years ago
Koichiro IWAO c89c1318f8 obey coding standard, no logic change
8 years ago
Pavel Roskin 6664aac00f Use "void" for empty argument list in declarations
8 years ago
Koichiro IWAO 40e8194122 TLS: log TLS version and cipher
8 years ago
Pavel Roskin 4324084d58 Use static inline functions for OpenSSL 1.0 backport
8 years ago
Dominik George e5cf45d1ac
Add backwards compatibility to OpenSSL < 1.1.0.
8 years ago
Dominik George 1b5fb8f1c8
Fix ssl_calls for OpenSSL 1.1.0, closes #458.
8 years ago
Jay Sorg 8f747e37ca always set SSL_OP_NO_SSLv2 in TLS options
8 years ago
Alex Illsley 47124df4ed new options for xrdp.ini disableSSlv3=yes and tls_ciphers=HIGH and code to implement
8 years ago
Pavel Roskin 5829323ad8 Use g_new or g_new0 when C++ compiler would complain about implicit cast
8 years ago
Pavel Roskin aeeb3d2c2e Fix warnings detected by -Wwrite-strings
8 years ago
Jay Sorg f100036cd9 common: minor fix for older openssl keygen
9 years ago
Jay Sorg 0d192aee62 common: fix for key generated smaller than asked for
9 years ago
Jay Sorg fd793bd213 rename g_tcp_can_recv to g_sck_can_recv
9 years ago
Koichiro IWAO cd6ab20e94 common: shut up some messages in ssl_tls_print_error
10 years ago
Koichiro IWAO 2a2b8bcd59 common: fix #248 TLS on FreeBSD
10 years ago
speidy 86005c5bcc ssl_calls: fix to read certificate chains
10 years ago
Jay Sorg d9d746ce5c common: avoid possible SSL_shutdown crash
10 years ago
Jay Sorg cc0406dddf common: move tls calls to ssl_calls
10 years ago
Jay Sorg 09de814ff0 common: allow RSA keys bigger than 512 bit
11 years ago
Jay Sorg 25ad4d8a36 common: add more fips ssl calls
11 years ago
Jay Sorg 2921400083 common: check for nil in fips cleanup
11 years ago
Jay Sorg 926cd095fc common: added des3 calls for fips
11 years ago
Laxmikant Rashinkar 1123323fda o moved from GNU General Public License to Apache License, Version 2.0
12 years ago
Jay Sorg 0da32da2d8 add ssl init to common
14 years ago