index
:
wireguard-openbsd
jd/histogram
jd/queueboosts
jd/simplify-queueing
master
WireGuard implementation for the OpenBSD kernel
Matt Dunwoodie
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
usr.sbin
/
relayd
/
ca.c
(
follow
)
Commit message (
Expand
)
Author
Age
Files
Lines
*
Move the relay keys/certs into a separate global list and look them up by id.
reyk
2019-05-31
1
-45
/
+48
*
Do not abort when the ca privenc runs into a timeout.
reyk
2018-09-19
1
-3
/
+4
*
Log some more errors in the ca code, since there seems to be still a bug
claudio
2018-01-24
1
-5
/
+7
*
RSA_private_{en,de}crypt() can fail and will return -1 in that case.
claudio
2018-01-01
1
-6
/
+12
*
relay_load_fd() is no longer clobering errno in the error case so use
claudio
2017-11-28
1
-3
/
+3
*
Make ca_launch error messages unique.
bluhm
2017-11-27
1
-7
/
+7
*
Use file descriptor passing to load certificates into the relays. Especially
claudio
2017-11-27
1
-11
/
+21
*
Use X509_pubkey_digest() like libtls to hash the keys for the TLS privsep
claudio
2017-08-09
1
-3
/
+3
*
Always calculate the hash value of the x509 cert in ssl_load_pkey().
bluhm
2017-07-28
1
-20
/
+20
*
use __func__ in log messages. fix some whitespace while here.
benno
2017-05-28
1
-17
/
+14
*
Migrate relayd to use libtls for TLS. Still does the TLS privsep via the
claudio
2017-05-27
1
-19
/
+69
*
fix format string found by clang -Wformat-security
gsoares
2017-04-06
1
-2
/
+2
*
Add -Wcast-qual and cast away one false positive where we use a const
reyk
2016-09-28
1
-2
/
+2
*
Use the fork+exec privsep model in relayd; based on rzalamena@'s work
reyk
2016-09-03
1
-2
/
+2
*
Split "struct relayd" into two structs: "struct relayd" and "struct
reyk
2016-09-02
1
-2
/
+2
*
proc_id has been replaced by ps->ps_instance.
reyk
2016-09-02
1
-4
/
+4
*
As done in httpd, remove ps_ninstances and p_instance.
reyk
2016-09-02
1
-2
/
+1
*
Terminate relayd using the socket status instead of watching SIGCHLD
reyk
2016-09-02
1
-3
/
+3
*
Do not busy loop in the rsa engine callback waiting for the ca. Instead use
claudio
2016-09-01
1
-2
/
+16
*
EAGAIN handling for imsg_read. OK henning@ benno@
claudio
2015-12-05
1
-2
/
+2
*
In most cases we don't need all arguments of proc_compose*_imsg(),
reyk
2015-12-02
1
-2
/
+2
*
relayd's ca process pledges to only use stdio.
benno
2015-10-10
1
-1
/
+4
*
Fix obvious problems with relayd config reload.
claudio
2015-05-02
1
-2
/
+5
*
Clean up the relayd headers with help of include-what-you-use and some
reyk
2015-01-22
1
-9
/
+4
*
Adapt to <limits.h> universe.
deraadt
2015-01-16
1
-2
/
+1
*
Change the keyword "ssl" to "tls" to reflect reality since we
reyk
2014-12-12
1
-23
/
+23
*
no need to set the same field NULL twice ;-)
gilles
2014-10-02
1
-3
/
+1
*
Create a new default RSA engine instead of patching the existing one
reyk
2014-05-04
1
-10
/
+39
*
Support the CA key for SSL inspection in the ca process. Instead of
reyk
2014-04-22
1
-14
/
+32
*
Use RSA_set_ex_data()/RSA_get_ex_data() directly instead of
reyk
2014-04-21
1
-2
/
+2
*
The OpenSSL engine passes a "const u_char *" to the callback but
reyk
2014-04-21
1
-2
/
+2
*
spacing
reyk
2014-04-18
1
-24
/
+22
*
Fix SSL client-only mode when no RSA private key is needed.
reyk
2014-04-18
1
-12
/
+17
*
The RSA_FLAG_SIGN_VER is not yet supported and the current code uses
reyk
2014-04-18
1
-1
/
+4
*
Introduce privsep for private keys:
reyk
2014-04-18
1
-0
/
+431