Anton Baklanov
c96ed22afd
add basic test for Ctx session cache timeout/size options
2015-05-13 12:25:03 +03:00
Anton Baklanov
8d2efad227
add a few session cache options getters and setters
2015-05-12 22:18:27 +03:00
Phus Lu
175e155dd4
make CertificateInfo Serial type to *big.Int
2015-04-04 20:22:19 +08:00
JT Olds
84b5df4774
Merge pull request #29 from gabrielrussell/openssl-1.0.2_check
...
Only compile X509_check_* functions when building against openssl < 1.0.2
2015-03-09 14:47:02 -06:00
Gabriel Russell
9814818d06
Only compile X509_check_* functions when building against openssl < 1.0.2
2015-03-09 15:12:11 -04:00
Jeff
8feeee5748
Merge pull request #26 from scottjg/openssl-1.0.0-fix
...
fix compilation for later openssl
2015-03-04 12:56:00 -07:00
Scott J. Goldman
dfb921e960
fix compilation for later openssl
...
in later openssl, the key param in EVP_PKEY_assign changed from char* to
void*. causes this error:
../github.com/spacemonkeygo/openssl/key.go:324: cannot use
(*C.char)(unsafe.Pointer(rsa)) (type *C.char) as type unsafe.Pointer in
argument to _Cfunc_EVP_PKEY_assign
2015-02-24 05:33:55 -05:00
JT Olds
2c9a3f31d1
Merge pull request #23 from carlosmn/osx
...
OSX fixes
2015-01-22 17:16:51 -07:00
paul cannon
d0177cb6a7
Fix init'ing non-authenticated decryption contexts
...
As pointed out by ishbir in issue 24, the applyKeyAndIV function was
incorrectly always using EVP_EncryptInit_ex(), even when the underlying
context being initialized was for a decryption.
This change causes it to select the right initializer based on the
"encrypt" field in the EVP_CIPHER_CTX. A test is also added which
verifies a fix.
Closes #24 .
2014-12-19 02:32:36 -06:00
Carlos Martín Nieto
20fdb1c664
Work with versions pickier about C types
...
Newer versions of Go (at least 1.4) do not like mixing C pointer
types. Cast an unsafe.Pointer to *C.char to make the compiler see
matching types.
2014-12-12 09:15:49 +01:00
Carlos Martín Nieto
2156e293c7
Hide deprecated declarations on OSX
...
We know that they've decided that OpenSSL is deprecated and the huge
list of warnings obscures any useful ones about the code we're actually
trying to build.
2014-12-12 09:05:38 +01:00
Carlos Martín Nieto
75f8149306
MacOSX does not have the TLSv1_X_method() functions
...
The header does define TLS1_X_VERSION, but the version-specific
functions are not available.
2014-12-12 08:55:33 +01:00
JT Olds
0e53dd5595
Merge pull request #22 from cfredmakecode/master
...
added diffie-hellman parameter functions. allows using DHE-* cipher suites
2014-12-11 17:38:54 -07:00
Christopher Fredericks
e370f5d276
added diffie-hellman parameter functions. allows using DHE-* cipher suites
2014-12-10 20:38:24 -05:00
JT Olds
ee399ccc2a
Merge pull request #21 from lunixbochs/store
...
Add support for loading chains from a single PEM
2014-11-19 00:50:28 -07:00
Ryan Hileman
579612b5c0
add NewCert..Store(), LoadCert..sFromPEM()
2014-11-18 23:25:48 -08:00
Ryan Hileman
111569c406
add support for chains in ListenAndServeTLS
2014-11-18 23:25:48 -08:00
Ryan Hileman
9bed092d70
add pem.go with SplitPEM function
2014-11-18 23:25:48 -08:00
JT Olds
a6e28b4958
Merge pull request #18 from lunixbochs/keygen
...
restructure certs/keys; add key/cert generation
2014-11-18 21:57:17 -07:00
Ryan Hileman
1a2646cde3
improve GC handling ( fixes #10 )
2014-11-18 17:47:46 -08:00
Ryan Hileman
3945574fd1
restructure certs/keys; add key/cert generation
...
NID is also now an exposed type
2014-11-18 17:47:07 -08:00
JT Olds
aaf49c2d58
openssl: grave admonitions
...
Change-Id: I03fa44c36300404c1efd636c6bb48d4a25be83e4
2014-10-19 23:25:04 -06:00
Jeff Wendling
67e06b66c4
fix darwin build
...
since apple packages a really old openssl version, some of the constants
introduced recently were not present. on darwin, don't compile them in unless
explicititly asked for with the 'brew' build tag.
fixes #14
2014-10-09 11:25:36 -06:00
JT Olds
62e1937684
Merge pull request #13 from bramp/verify-result
...
Added support for SSL_get_verify_result(..)
2014-10-08 11:04:20 -06:00
Andrew Brampton
948f122871
Correctly formated my changes.
2014-10-08 09:25:03 -07:00
JT Olds
db59c1a898
Merge pull request #12 from bramp/cipher-name
...
Add SSL_get_cipher_name(...)
2014-10-08 01:09:43 -06:00
JT Olds
4d527ee8a3
Merge pull request #11 from bramp/options
...
Added support for NoTLSv1_1 and NoTLSv1_2, and allowed options to be cleared
2014-10-08 01:08:50 -06:00
Andrew Brampton
45882fc7a6
Added support for NoTLSv1_1 and NoTLSv1_2, and allowed options to be cleared.
2014-10-07 20:42:41 -07:00
Andrew Brampton
87a7e0f1c3
Add SSL_get_cipher_name(...)
2014-10-07 20:41:21 -07:00
Andrew Brampton
f13a5e0288
Added support for SSL_get_verify_result(..)
2014-10-07 20:09:48 -07:00
Andrew Harding
10dbddf4e6
use pkgconfig on windows too
...
Change-Id: I6596c63c7c3b4509ac01c57a37ed1279991da8dc
2014-08-15 17:26:29 -06:00
Andrew Harding
199abcbc27
windows mingw support
...
Change-Id: I4d1c1f7f990dce2d3f4727af6eb3b43fd7d186ee
2014-06-30 17:21:08 -06:00
Andrew Harding
11f8f384f4
fix taking address of first element of empty byte slice
...
Change-Id: I57efec6116b688bf1aaa5da34280f76a0d9ec882
2014-06-30 17:21:08 -06:00
JT
4eb00a0087
Merge pull request #5 from 9uuso/patch-1
...
fix mingw-w64 url path
2014-06-23 02:10:54 -06:00
Juuso Haavisto
33ba9ec4fd
fix mingw-w64 url path
...
Currently the mingw path is relative and points to a directory in the Github repo. Adding http prefix makes the URL absolute, which I believe it's supposed to be.
2014-06-19 08:55:29 +03:00
Jeff
05477109fd
make cbioFree not a go callback
...
i have reason to believe this breaks things
2014-05-28 20:23:19 -04:00
JT
2bf5553cf8
Merge pull request #2 from zowens/add_ecdh
...
Adding EnableECDH to Context
2014-05-21 10:15:57 -06:00
Zack Owens
f35adbfa78
Adding explicit curves and corresponding SSL context function
2014-05-21 11:58:32 -04:00
JT
64a7adcc54
Merge pull request #3 from thepaul/master
...
use CString with SetTlsExtHostName
2014-05-19 15:27:42 -06:00
paul cannon
8db626a560
use CString with SetTlsExtHostName
...
i guess we can't rely on there being a null byte after the memory for a
byte array. in retrospect it seems really stupid to think there would
be.
go me
Change-Id: I35ab6704cefbfbde064906aa682985574cb7e034
2014-05-15 12:58:28 -06:00
Zack Owens
45c85576f8
Adding EnableECDH to Context
2014-05-15 13:11:05 -04:00
JT Olds
1738273569
close wrapping conn if handshake fails
2014-05-15 11:00:49 -06:00
JT
af8071e04e
Merge pull request #1 from zowens/add_chain
...
Adding AddChainCertificate func
2014-05-14 12:57:27 -06:00
Zack Owens
85a1dc3167
Adding AddChainCertificate func
2014-05-14 12:53:53 -04:00
JT Olds
0022daa4f4
case change
...
Change-Id: Ia5d0629bd2649f50b462994752029ac8a586a8da
2014-05-13 09:44:10 -06:00
JT Olds
cbf2fb6031
fix heading
...
Change-Id: I7588a4cb537f8963c0787a5bc02662fdfb5a9313
2014-05-12 11:49:29 -06:00
JT Olds
42391d89a5
add license
...
Change-Id: I4642fb9b97256ec6b3ffbe403272efc690bf1606
2014-05-09 15:38:13 -06:00
JT Olds
b364999a65
fix releasebuffers
...
Change-Id: I2aaeb8c5a411ef089b3a52a2ec7f0c8353d7dfd3
2014-04-30 14:47:50 -06:00
Jeff Wendling
1b3b1e773b
allow building on default os x
...
since it doesn't have gcm stuff put it in a conditionally built
file.
Change-Id: I8083ff9b86b6fe0723fd21ffc77038b7679c97c7
2014-04-29 19:26:12 +00:00
JT Olds
3c41e85fc4
openssl: add sni to dial helper
...
Change-Id: Ibfa19f720987a7ba39e3a02c47d8e9f3fff925be
2014-04-29 10:43:01 -06:00