Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-02-16 | Nix mysleep(). | Joshua Judson Rosen | |
Just use sleep() where only whole-second resolution is used to delay between reconnect-attempts; and nanosleep where sub-second resolution is used. sleep() should actually be OK, because we don't intermix those calls with alarm() or any other signals or itimer functions. nanosleep() should be OK because POSIX.1-2001 requires that it not have the crazy signal interactions that its predecessors are known for. | |||
2014-12-21 | VC: ignore backup-files. | Joshua Judson Rosen | |
2014-12-21 | VC: ignore files generated by configure/make. | Joshua Judson Rosen | |
2014-12-21 | VC: ignore specific built binares. | Joshua Judson Rosen | |
(on top of all of the extensions we're less likely to encounter...) | |||
2014-11-18 | afserver: support per-realm CA-certificate settings | Joshua Judson Rosen | |
This makes it possible to have different CA certificates for different realms, or certificate auth for only some realms and password auth for others. | |||
2014-11-18 | Add missing const qualifier on SSL_METHOD* vars. | Joshua Judson Rosen | |
2014-10-20 | afserver: log which protocol version was accepted by SSL_accept. | Joshua Judson Rosen | |
2014-10-20 | afclient: make "SERVER SSL" log show which protocol version is in use, if any | Joshua Judson Rosen | |
(rather than just "yes") | |||
2014-10-20 | afclient: use whatever version of TLS (or better) we can. | Joshua Judson Rosen | |
Refuse to use pre-TLS SSL, since now SSLv3 has been broken by POODLE attack. | |||
2014-10-20 | afserver: avoid requiring a specific SSL protocol version | Joshua Judson Rosen | |
Trust the clients to negotiate the latest/best protocol version they can. This should generally improve security over time (as OpenSSL improves and implements improved protocols) without having the APF codebase or server/client deployments need to chase latest OpenSSL API additions, causing portability problems, or breaking client deployments that are hard to upgrade. | |||
2014-07-18 | afclient: support loading complete cert-chains from cerfile. | Joshua Judson Rosen | |
This makes x.509 certification more usable/maintainable, because the intermediate CA keys don't all need to be maintained on the server (the certification tools just need to concatenate the CA chain onto the APF-client certificates as part of the certification-process). | |||
2014-07-10 | Regenerated configure scripts. | Jakub Slawinski | |
2014-07-10 | Removed unnecessary files. | Jakub Slawinski | |
2014-07-10 | Re-added COPYING file. | Jakub Slawinski | |
2014-07-10 | Revert "Used LICENSE file instead of COPYING." | Jakub Slawinski | |
This reverts commit 58f81d19ce809fac5d0a0fbe7b682243ada86aea. Conflicts: README.md | |||
2014-07-10 | Cosmetics in github readme. | Jakub Slawinski | |
2014-07-10 | Cosmetics in github readme. | Jakub Slawinski | |
2014-07-10 | Cosmetics in github readme. | Jakub Slawinski | |
2014-07-10 | Cosmetics in github readme. | Jakub Slawinski | |
2014-07-10 | Used LICENSE file instead of COPYING. | Jakub Slawinski | |
2014-07-10 | Restored the original README file. | Jakub Slawinski | |
2014-07-10 | Renamed readme file to be displayed on github. | Jakub Slawinski | |
2014-07-10 | Initial project structure based on Active Port Forwarder 0.8.4. | Jakub Slawinski | |
2014-07-10 | Initial commit | jslawinski | |