<feed xmlns='http://www.w3.org/2005/Atom'>
<title>s6-networking/src/sbearssl/deps-lib, branch 2.5.0.0</title>
<subtitle>UCSPI TCP implementation and other networking utilities</subtitle>
<id>https://git.skarnet.org/cgit/s6-networking/atom/src/sbearssl/deps-lib?h=2.5.0.0</id>
<link rel='self' href='https://git.skarnet.org/cgit/s6-networking/atom/src/sbearssl/deps-lib?h=2.5.0.0'/>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/'/>
<updated>2021-06-02T01:15:12Z</updated>
<entry>
<title> Debug session. Now works.</title>
<updated>2021-06-02T01:15:12Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-06-02T01:15:12Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=a6c4fb25b60cbc83a4b8bdb756fcf9c69310e6ae'/>
<id>urn:sha1:a6c4fb25b60cbc83a4b8bdb756fcf9c69310e6ae</id>
<content type='text'>
 The environment given to the application still needs to be
cleaned up of SNI variables.
</content>
</entry>
<entry>
<title> Add all the missing pieces for sni_policy</title>
<updated>2021-06-01T11:27:05Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-06-01T11:27:05Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=a84b9b4e5d985a5d8a37268a76e1d35210fd31c5'/>
<id>urn:sha1:a84b9b4e5d985a5d8a37268a76e1d35210fd31c5</id>
<content type='text'>
 sbearssl_server_init_and_run is yet unchanged, the next step
is to rewrite it using the new primitives.
</content>
</entry>
<entry>
<title> Start work on bearssl server-side sni</title>
<updated>2021-05-30T09:19:26Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-05-30T09:19:26Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=e763c3ef1485404585b923365f93314aab4e8dd6'/>
<id>urn:sha1:e763c3ef1485404585b923365f93314aab4e8dd6</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Add an x509 engine wrapping minimal. NOT FUNCTIONAL, FOR TESTING.</title>
<updated>2021-05-20T10:55:18Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-05-20T10:55:18Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=4aae040b1a8aecddcd0e1e959c77bb262fe6b850'/>
<id>urn:sha1:4aae040b1a8aecddcd0e1e959c77bb262fe6b850</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Prepare for 2.4.2.0; implement client certificates with bearssl</title>
<updated>2021-05-18T11:19:19Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-05-18T11:19:19Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=6780eee3e0dbe37640f72ed1e37a95c506e23f8c'/>
<id>urn:sha1:6780eee3e0dbe37640f72ed1e37a95c506e23f8c</id>
<content type='text'>
 Also send a bit more environment with libtls
</content>
</entry>
<entry>
<title> Add SSL_PROTOCOL and SSL_CIPHER support, fix some bugs</title>
<updated>2020-11-22T15:46:34Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2020-11-22T15:46:34Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=4fb917263ac30373cb3e5dfe3e207369eb238def'/>
<id>urn:sha1:4fb917263ac30373cb3e5dfe3e207369eb238def</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Privs can only be dropped after reading key files.</title>
<updated>2020-11-21T02:22:09Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2020-11-21T02:22:09Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=5c2880becc94141b8035b3488b6bd60696011308'/>
<id>urn:sha1:5c2880becc94141b8035b3488b6bd60696011308</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Refactor tls code to support ucspi-tls</title>
<updated>2020-11-20T23:24:29Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2020-11-20T23:24:29Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=5715c21a077ee1c2fe8957cb4adcea14fd2eda6b'/>
<id>urn:sha1:5715c21a077ee1c2fe8957cb4adcea14fd2eda6b</id>
<content type='text'>
 That includes:
 - new architecture: the tls binary is now a child of the app
instead of the other way around
 - the sbearssl_run engine now takes a post-handshake callback.
This allows s6-tlsc and s6-tlsd to only exec into the app when
the handshake succeeds (which was already the case with libressl).
 - new binaries s6-tlsc-io and s6-tlsd-io encapsulate the crypto
code; they init and run the engine, connecting to 4 already open
fds (stdin/stdout = network, argv[1] and argv[2] = local)
 - s6-tlsc is now a simple wrapper around s6-tlsc-io
 - s6-tlsd is now a simple wrapper around s6-tlsd-io
 - new binary: s6-ucspitlsd, which is also a wrapper around
s6-tlsd-io, but differently: the parent execs the app which should
be ucspi-tls-aware, the child waits for a command from the parent
and execs into s6-tlsd-io if it receives it.
</content>
</entry>
<entry>
<title> Fix case where s6-tls[cd] would sometimes not detect an application and remain there forever with its zombie, both condemned to err in limbo for all eternity, the living and the dead, hand in hand</title>
<updated>2017-03-22T21:37:30Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2017-03-22T21:37:30Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=dddbfab568d42e443f102d35c84432824cc59fee'/>
<id>urn:sha1:dddbfab568d42e443f102d35c84432824cc59fee</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Types fix, first pass</title>
<updated>2017-01-10T02:17:16Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2017-01-10T02:17:16Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=334d807b924427434b42d4fbae745d3d1b38a218'/>
<id>urn:sha1:334d807b924427434b42d4fbae745d3d1b38a218</id>
<content type='text'>
 XXX marks what must change when skalibs changes.
 Also started writing functions for client certificate support
in sbearssl, but it's not working yet (need more high-level
support from BearSSL before it can work)
</content>
</entry>
</feed>
