Commit History

Author SHA1 Message Date
  Dimitri Papadopoulos e59812c7ac Fix signedness of character buffers in HKDF/HPKE-related functions 2 years ago
  David Woodhouse 01b7e75034 Use OpenSSL_version() not deprecated SSLeay_version() 2 years ago
  David Woodhouse 62aa9c138a Always send STRAP pubkey even when we don't change it 2 years ago
  David Woodhouse 69a2ed3db2 Make all STRAP support conditional on HPKE 2 years ago
  David Woodhouse 8bacc334b9 Export STRAP private key with AnyConnect cookie 2 years ago
  David Woodhouse 222178086f Attempt to implement AnyConnect Session Token Re-use Anchor Protocol (STRAP) 2 years ago
  David Woodhouse 6bcf4c42f4 Merge branch 'errors' into 'master' 2 years ago
  David Woodhouse 3da5c7f554 Merge branch 'insecure-openssl' into 'master' 2 years ago
  Dimitri Papadopoulos a2a7f1adb0 Fix Linux kernel coding style error and warnings 2 years ago
  David Woodhouse 652fdace9a Merge branch 'multicert' of gitlab.com:openconnect/openconnect 2 years ago
  David Woodhouse 60c54dafbb Add OpenSSL crypto support for HKPE 2 years ago
  David Woodhouse cdc32a49a1 AnyConnect: Generate EC keys for X-AnyConnect-STRAP-{DH-,}Pubkey 2 years ago
  Mike Gilbert e2b38313bb openssl: allow ALL ciphers when allow-insecure-crypto is enabled 2 years ago
  Daniel Lenski 6d5b07dd37 Only remove ERR_GET_FUNC for OpenSSL v3.0 and newer 3 years ago
  Tom Carroll 7a4a14fc59 OpenSSL implementation of revised certificate API. 3 years ago
  David Woodhouse ab6b983d9a OpenSSL implementation of multicert challenge 3 years ago
  Tom Carroll f51ecb36be Converse the multiple certificate authentication (mulitcert) protocol. 3 years ago
  Dimitri Papadopoulos 1b3c4f2db4 Build with OpenSSL 3.0 beta 2 Release Candidate 3 years ago
  Dimitri Papadopoulos d152937516 Fix Linux kernel coding style warning 3 years ago
  Dimitri Papadopoulos 132bd39a15 Fix Linux kernel coding style warning 3 years ago
  David Woodhouse dc86e96ee2 Fix epoll support for connection pause/restart 3 years ago
  Dimitri Papadopoulos fe795bf5b3 Reorganize #include 3 years ago
  David Woodhouse 51615cbb10 Use epoll() instead of select() 3 years ago
  Dimitri Papadopoulos 0bef505c6f Fix bad function definition 3 years ago
  Dimitri Papadopoulos 0ae6852702 http:// -> https:// 3 years ago
  David Woodhouse ce7378bd00 Revert "with --allow-insecure-crypto, additionally attempt to disable insecure systemwide minimum crypto settings" 3 years ago
  David Woodhouse 0a23a88353 OpenSSL: Fix user-visible strings and dialog auth_id for multicert 3 years ago
  David Woodhouse bbfeac0d11 OpenSSL: Factor out load_certificate() from load_primary_certificate() 3 years ago
  David Woodhouse 13e08b4b00 OpenSSL: Pass certinfo through load_certificate() functions 3 years ago
  David Woodhouse 64a1109550 Move cert/sslkey/cert_password into a 'struct cert_info' 3 years ago