summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-02-17Prepare for v0.8.5 releaseHEADmasterJoshua Judson Rosen
Update version-strings and summarise the changes since v0.8.4 in ChangeLog.
2015-02-17Update autotools-generated filesJoshua Judson Rosen
via autoreconf.
2015-02-17Remove HTTP proxy support.Joshua Judson Rosen
There are plenty of popular, readily-available external tools that, frankly, provide better options for going through proxies-- both of the HTTP variety and others (corkscrew, httptunnel, socat...); and dropping our internal implementation results in a significant reduction in code complexity--including the complete elimination of multithreading and all of the worries that go along with it.
2015-02-16Nix mysleep().Joshua Judson Rosen
Just use sleep() where only whole-second resolution is used to delay between reconnect-attempts; and nanosleep where sub-second resolution is used. sleep() should actually be OK, because we don't intermix those calls with alarm() or any other signals or itimer functions. nanosleep() should be OK because POSIX.1-2001 requires that it not have the crazy signal interactions that its predecessors are known for.
2014-12-21VC: ignore backup-files.Joshua Judson Rosen
2014-12-21VC: ignore files generated by configure/make.Joshua Judson Rosen
2014-12-21VC: ignore specific built binares.Joshua Judson Rosen
(on top of all of the extensions we're less likely to encounter...)
2014-11-18afserver: support per-realm CA-certificate settingsJoshua Judson Rosen
This makes it possible to have different CA certificates for different realms, or certificate auth for only some realms and password auth for others.
2014-11-18Add missing const qualifier on SSL_METHOD* vars.Joshua Judson Rosen
2014-10-20afserver: log which protocol version was accepted by SSL_accept.Joshua Judson Rosen
2014-10-20afclient: make "SERVER SSL" log show which protocol version is in use, if anyJoshua Judson Rosen
(rather than just "yes")
2014-10-20afclient: use whatever version of TLS (or better) we can.Joshua Judson Rosen
Refuse to use pre-TLS SSL, since now SSLv3 has been broken by POODLE attack.
2014-10-20afserver: avoid requiring a specific SSL protocol versionJoshua Judson Rosen
Trust the clients to negotiate the latest/best protocol version they can. This should generally improve security over time (as OpenSSL improves and implements improved protocols) without having the APF codebase or server/client deployments need to chase latest OpenSSL API additions, causing portability problems, or breaking client deployments that are hard to upgrade.
2014-07-18afclient: support loading complete cert-chains from cerfile.Joshua Judson Rosen
This makes x.509 certification more usable/maintainable, because the intermediate CA keys don't all need to be maintained on the server (the certification tools just need to concatenate the CA chain onto the APF-client certificates as part of the certification-process).
2014-07-10Regenerated configure scripts.Jakub Slawinski
2014-07-10Removed unnecessary files.Jakub Slawinski
2014-07-10Re-added COPYING file.Jakub Slawinski
2014-07-10Revert "Used LICENSE file instead of COPYING."Jakub Slawinski
This reverts commit 58f81d19ce809fac5d0a0fbe7b682243ada86aea. Conflicts: README.md
2014-07-10Cosmetics in github readme.Jakub Slawinski
2014-07-10Cosmetics in github readme.Jakub Slawinski
2014-07-10Cosmetics in github readme.Jakub Slawinski
2014-07-10Cosmetics in github readme.Jakub Slawinski
2014-07-10Used LICENSE file instead of COPYING.Jakub Slawinski
2014-07-10Restored the original README file.Jakub Slawinski
2014-07-10Renamed readme file to be displayed on github.Jakub Slawinski
2014-07-10Initial project structure based on Active Port Forwarder 0.8.4.Jakub Slawinski
2014-07-10Initial commitjslawinski