2015-01-21 |
Jeremy Harris | DANE: if all TLSA records are unusable, retry verificat... |
blob | commitdiff | raw |
2015-01-12 |
Jeremy Harris | Make smtp transport try server cert verify by default |
blob | commitdiff | raw | diff to current |
2015-01-12 |
Jeremy Harris | Support use of system default CA bundle |
blob | commitdiff | raw | diff to current |
2015-01-12 |
Jeremy Harris | Move certificate name checking to mainline, default... |
blob | commitdiff | raw | diff to current |
2015-01-12 |
Jeremy Harris | Refactor common uses of list-checking |
blob | commitdiff | raw | diff to current |
2014-12-04 |
Jeremy Harris | Fail a DANE-mode verify on totally missing certificate |
blob | commitdiff | raw | diff to current |
2014-11-23 |
Jeremy Harris | Make smtp transport try server cert verify by default |
blob | commitdiff | raw | diff to current |
2014-11-23 |
Jeremy Harris | Support use of system default CA bundle |
blob | commitdiff | raw | diff to current |
2014-11-23 |
Jeremy Harris | Move certificate name checking to mainline, default... |
blob | commitdiff | raw | diff to current |
2014-11-20 |
Jeremy Harris | Refactor common uses of list-checking |
blob | commitdiff | raw | diff to current |
2014-11-20 |
Jeremy Harris | Const-ification |
blob | commitdiff | raw | diff to current |
2014-11-08 |
Jeremy Harris | Fix smtp transport certificate-verification option... |
blob | commitdiff | raw | diff to current |
2014-11-06 |
Jeremy Harris | EXPERIMENTAL_CERTNAMES: Hostlist for cert name checks... |
blob | commitdiff | raw | diff to current |
2014-11-05 |
Jeremy Harris | Do not permit multi-component wildcards on certificate... |
blob | commitdiff | raw | diff to current |
2014-11-05 |
Jeremy Harris | Do not permit multi-component wildcards on certificate... |
blob | commitdiff | raw | diff to current |
2014-10-30 |
Jeremy Harris | Fix cert-try-verify when denied by event action |
blob | commitdiff | raw | diff to current |
2014-10-30 |
Jeremy Harris | For connects and certificate-verifies denied by event... |
blob | commitdiff | raw | diff to current |
2014-10-26 |
Jeremy Harris | Fix cert-try-verify when denied by event action |
blob | commitdiff | raw | diff to current |
2014-10-26 |
Jeremy Harris | Fix feature-ifdef for OpenSSL builtin certname checking |
blob | commitdiff | raw | diff to current |
2014-10-25 |
Jeremy Harris | Add event for inbound cert visibility |
blob | commitdiff | raw | diff to current |
2014-10-25 |
Jeremy Harris | Rename facility to Event Actions, ifdeffed on EXPERIMEN... |
blob | commitdiff | raw | diff to current |
2014-10-22 |
Todd Lyons | Merge branch 'master' of ssh://git.exim.org/home/git... |
blob | commitdiff | raw | diff to current |
2014-10-22 |
Jeremy Harris | More regular logging use of H=<name> [<ip>] |
blob | commitdiff | raw | diff to current |
2014-09-25 |
Jeremy Harris | Amplify comment on server requests for client certificates |
blob | commitdiff | raw | diff to current |
2014-09-23 |
Todd Lyons | Merge remote-tracking branch 'exim_github/pr/18' |
blob | commitdiff | raw | diff to current |
2014-09-13 |
Jeremy Harris | Restrict dane to DANE-TA(2) and DANE-EE(3) usage TLSA... |
blob | commitdiff | raw | diff to current |
2014-09-12 |
Jeremy Harris | Fix needless OCSP request under DANE |
blob | commitdiff | raw | diff to current |
2014-09-11 |
Jeremy Harris | Add debug for number of CA certs, for OpenSSL/file... |
blob | commitdiff | raw | diff to current |
2014-09-10 |
Jeremy Harris | TPDA tidying |
blob | commitdiff | raw | diff to current |
2014-09-06 |
Todd Lyons | Merge branch 'master_condition_description' |
blob | commitdiff | raw | diff to current |
2014-09-04 |
Jeremy Harris | Enforce TLS under DANE when host has TLSA records |
blob | commitdiff | raw | diff to current |
2014-09-02 |
Jeremy Harris | Introduce EXPERIMENTAL_DANE feature |
blob | commitdiff | raw | diff to current |
2014-08-20 |
Jeremy Harris | Merge branch dane-tpda into dane |
blob | commitdiff | raw | diff to current |
2014-08-20 |
Jeremy Harris | Merge branch 'master' into dane |
blob | commitdiff | raw | diff to current |
2014-08-20 |
Jeremy Harris | Expanded EXPERIMENTAL_TPDA feature |
blob | commitdiff | raw | diff to current |
2014-08-17 |
Jeremy Harris | Override an unchanged default hosts_request_ocsp when... |
blob | commitdiff | raw | diff to current |
2014-08-17 |
Jeremy Harris | Feature compile-guard |
blob | commitdiff | raw | diff to current |
2014-08-16 |
Jeremy Harris | Add observability variables and provision for avoiding... |
blob | commitdiff | raw | diff to current |
2014-08-16 |
Jeremy Harris | Break out dane code to separate functions |
blob | commitdiff | raw | diff to current |
2014-08-15 |
Jeremy Harris | Compiler quietening |
blob | commitdiff | raw | diff to current |
2014-08-14 |
Jeremy Harris | Fix fakens TLSA generation and DANE TLSA lookup |
blob | commitdiff | raw | diff to current |
2014-08-11 |
Jeremy Harris | Do not sleep for tiny periods, or hang trying to sleep... |
blob | commitdiff | raw | diff to current |
2014-08-11 |
Jeremy Harris | Better logging of OCSP fails |
blob | commitdiff | raw | diff to current |
2014-08-10 |
Jeremy Harris | Enable OCSP |
blob | commitdiff | raw | diff to current |
2014-08-10 |
Jeremy Harris | Change CV= log line element for dane-verified cert |
blob | commitdiff | raw | diff to current |
2014-08-10 |
Jeremy Harris | Capture the knowlege that verification succeeded |
blob | commitdiff | raw | diff to current |
2014-08-10 |
Jeremy Harris | Verifiable conn with DANE-EE(3) / SPKI(1) / SHA2-512(2) |
blob | commitdiff | raw | diff to current |
2014-08-10 |
Jeremy Harris | Add support in the fakens utility for TLSA records |
blob | commitdiff | raw | diff to current |
2014-08-10 |
Jeremy Harris | On a host lookup name->MX->A->ip sequence, require... |
blob | commitdiff | raw | diff to current |
2014-08-08 |
Jeremy Harris | Test development |
blob | commitdiff | raw | diff to current |
2014-08-08 |
Jeremy Harris | Testsuite basics. |
blob | commitdiff | raw | diff to current |
2014-08-07 |
Jeremy Harris | Sketch in library interface |
blob | commitdiff | raw | diff to current |
2014-08-04 |
Jeremy Harris | Better logging of OCSP fails |
blob | commitdiff | raw | diff to current |
2014-08-01 |
Jeremy Harris | Fix development-testing induced crash on second use |
blob | commitdiff | raw | diff to current |
2014-08-01 |
Jeremy Harris | Basic DANE entry points |
blob | commitdiff | raw | diff to current |
2014-07-31 |
Jeremy Harris | Add interface documentation for the DANE library |
blob | commitdiff | raw | diff to current |
2014-07-13 |
Jeremy Harris | Fix TLS SNI, and add regression test cases |
blob | commitdiff | raw | diff to current |
2014-05-28 |
Todd Lyons | Merge tag 'exim-4_82_1' exim-4_83_RC1 |
blob | commitdiff | raw | diff to current |
2014-05-26 |
Jeremy Harris | Restrict certificate name checkin for wildcards. |
blob | commitdiff | raw | diff to current |
2014-05-23 |
Jeremy Harris | Add OpenSSL version check |
blob | commitdiff | raw | diff to current |
2014-05-23 |
Jeremy Harris | Move OCSP out of EXPERIMENTAL |
blob | commitdiff | raw | diff to current |
2014-05-20 |
Jeremy Harris | Support optional server certificate name checking.... |
blob | commitdiff | raw | diff to current |
2014-05-17 |
Jeremy Harris | Use accessor functions for OpenSSL internal data |
blob | commitdiff | raw | diff to current |
2014-05-16 |
Jeremy Harris | General tidying |
blob | commitdiff | raw | diff to current |
2014-05-16 |
Jeremy Harris | Tidy certificate verification logic under OpenSSL |
blob | commitdiff | raw | diff to current |
2014-05-12 |
Todd Lyons | Merge branch 'master' of ssh://git.exim.org/home/git... |
blob | commitdiff | raw | diff to current |
2014-05-11 |
Jeremy Harris | Compiler quietening and testcase consistency |
blob | commitdiff | raw | diff to current |
2014-05-09 |
Jeremy Harris | Make $tls_out_ocsp visible to TPDA (mostly testsuite) |
blob | commitdiff | raw | diff to current |
2014-05-06 |
Jeremy Harris | OCSP observability: variables $tls_{in,out}_ocsp |
blob | commitdiff | raw | diff to current |
2014-05-06 |
Jeremy Harris | Refactor tls_client_init interface |
blob | commitdiff | raw | diff to current |
2014-05-02 |
Jeremy Harris | Certificate variables and field-extractor expansions... |
blob | commitdiff | raw | diff to current |
2014-04-23 |
Todd Lyons | Merge branch 'master' of git://git.exim.org/exim |
blob | commitdiff | raw | diff to current |
2014-04-19 |
Todd Lyons | Copyright year updates: |
blob | commitdiff | raw | diff to current |
2014-04-16 |
Phil Pennock | Report OpenSSL build date too. |
blob | commitdiff | raw | diff to current |
2014-03-20 |
Jeremy Harris | Future-proof OpenSSL version string. Bug 1421 |
blob | commitdiff | raw | diff to current |
2014-03-15 |
Wolfgang Breyha | Add tls_verify_hosts and tls_try_verify_hosts to smtp... |
blob | commitdiff | raw | diff to current |
2014-02-26 |
Wolfgang Breyha | Add tls_verify_hosts and tls_try_verify_hosts to smtp... |
blob | commitdiff | raw | diff to current |
2014-01-07 |
Phil Pennock | Copyright year updates: |
blob | commitdiff | raw | diff to current |
2013-06-17 |
Phil Pennock | Support safari_ecdhe_ecdsa_bug for openssl_options |
blob | commitdiff | raw | diff to current |
2013-04-07 |
Jeremy Harris | Merge branch 'ocsp_staple_rollup' |
blob | commitdiff | raw | diff to current |
2013-04-02 |
Phil Pennock | Ensure OpenSSL entropy state reset across forks. |
blob | commitdiff | raw | diff to current |
2013-04-01 |
Jeremy Harris | tidying ocsp_staple_rollup github/ocsp_staple_rollup |
blob | commitdiff | raw | diff to current |
2013-03-25 |
Jeremy Harris | OCSP-stapling enhancement and testing. |
blob | commitdiff | raw | diff to current |
2013-03-13 |
Phil Pennock | OpenSSL fix empty tls_verify_certificates. |
blob | commitdiff | raw | diff to current |
2013-02-03 |
Phil Pennock | tls_out.sni fix for ancient-OpenSSL #ifdef branch |
blob | commitdiff | raw | diff to current |
2012-12-18 |
Jeremy Harris | Initialise OCSP-related pointers before use. |
blob | commitdiff | raw | diff to current |
2012-12-10 |
Phil Pennock | OCSP/SNI: set correct callback. |
blob | commitdiff | raw | diff to current |
2012-12-02 |
Phil Pennock | Explain the 3 SSL_CTX we have |
blob | commitdiff | raw | diff to current |
2012-10-27 |
Phil Pennock | Merge 4.80.1 security fix in. |
blob | commitdiff | raw | diff to current |
2012-06-07 |
Phil Pennock | Unbreak EXPERIMENTAL_OCSP after TLS cutthrough |
blob | commitdiff | raw | diff to current |
2012-06-06 |
Phil Pennock | BUGFIX: forced-fail smtp option tls_sni would dereferen... |
blob | commitdiff | raw | diff to current |
2012-06-06 |
Phil Pennock | BUGFIX: forced-fail smtp option tls_sni would dereferen... tls_fix github/tls_fix |
blob | commitdiff | raw | diff to current |
2012-06-04 |
Jeremy Harris | Add $tls_in_* variables; note the old names as deprecated. |
blob | commitdiff | raw | diff to current |
2012-06-04 |
Jeremy Harris | Fix post-rebase merge issues. |
blob | commitdiff | raw | diff to current |
2012-06-04 |
Jeremy Harris | Fix bug verifying certs on dual-tls. |
blob | commitdiff | raw | diff to current |
2012-06-04 |
Jeremy Harris | Dual-tls - split management of TLS into in- and out... |
blob | commitdiff | raw | diff to current |
2012-06-01 |
Phil Pennock | tls_dh_min_bits smtp transport option |
blob | commitdiff | raw | diff to current |
2012-05-28 |
Phil Pennock | Merge openssl_disable_ssl2 branch exim-4_80_RC7 |
blob | commitdiff | raw | diff to current |
2012-05-27 |
Phil Pennock | For DH, use standard primes from RFCs |
blob | commitdiff | raw | diff to current |
2012-05-22 |
Phil Pennock | Guard SNI usage better (client-side) |
blob | commitdiff | raw | diff to current |
next |