<feed xmlns='http://www.w3.org/2005/Atom'>
<title>s6-networking/src/sbearssl/sbearssl-internal.h, branch 2.5.0.0</title>
<subtitle>UCSPI TCP implementation and other networking utilities</subtitle>
<id>https://git.skarnet.org/cgit/s6-networking/atom/src/sbearssl/sbearssl-internal.h?h=2.5.0.0</id>
<link rel='self' href='https://git.skarnet.org/cgit/s6-networking/atom/src/sbearssl/sbearssl-internal.h?h=2.5.0.0'/>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/'/>
<updated>2021-06-01T21:28:12Z</updated>
<entry>
<title> Add servername to storage</title>
<updated>2021-06-01T21:28:12Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-06-01T21:28:12Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=1191557c30af6326fc5fae7f02167375043bb293'/>
<id>urn:sha1:1191557c30af6326fc5fae7f02167375043bb293</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Add all the missing pieces for sni_policy</title>
<updated>2021-06-01T11:27:05Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-06-01T11:27:05Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=a84b9b4e5d985a5d8a37268a76e1d35210fd31c5'/>
<id>urn:sha1:a84b9b4e5d985a5d8a37268a76e1d35210fd31c5</id>
<content type='text'>
 sbearssl_server_init_and_run is yet unchanged, the next step
is to rewrite it using the new primitives.
</content>
</entry>
<entry>
<title> Start work on bearssl server-side sni</title>
<updated>2021-05-30T09:19:26Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-05-30T09:19:26Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=e763c3ef1485404585b923365f93314aab4e8dd6'/>
<id>urn:sha1:e763c3ef1485404585b923365f93314aab4e8dd6</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Prepare for 2.4.2.0; implement client certificates with bearssl</title>
<updated>2021-05-18T11:19:19Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-05-18T11:19:19Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=6780eee3e0dbe37640f72ed1e37a95c506e23f8c'/>
<id>urn:sha1:6780eee3e0dbe37640f72ed1e37a95c506e23f8c</id>
<content type='text'>
 Also send a bit more environment with libtls
</content>
</entry>
<entry>
<title> Add SSL_PROTOCOL and SSL_CIPHER support, fix some bugs</title>
<updated>2020-11-22T15:46:34Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2020-11-22T15:46:34Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=4fb917263ac30373cb3e5dfe3e207369eb238def'/>
<id>urn:sha1:4fb917263ac30373cb3e5dfe3e207369eb238def</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Privs can only be dropped after reading key files.</title>
<updated>2020-11-21T02:22:09Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2020-11-21T02:22:09Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=5c2880becc94141b8035b3488b6bd60696011308'/>
<id>urn:sha1:5c2880becc94141b8035b3488b6bd60696011308</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Refactor tls code to support ucspi-tls</title>
<updated>2020-11-20T23:24:29Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2020-11-20T23:24:29Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=5715c21a077ee1c2fe8957cb4adcea14fd2eda6b'/>
<id>urn:sha1:5715c21a077ee1c2fe8957cb4adcea14fd2eda6b</id>
<content type='text'>
 That includes:
 - new architecture: the tls binary is now a child of the app
instead of the other way around
 - the sbearssl_run engine now takes a post-handshake callback.
This allows s6-tlsc and s6-tlsd to only exec into the app when
the handshake succeeds (which was already the case with libressl).
 - new binaries s6-tlsc-io and s6-tlsd-io encapsulate the crypto
code; they init and run the engine, connecting to 4 already open
fds (stdin/stdout = network, argv[1] and argv[2] = local)
 - s6-tlsc is now a simple wrapper around s6-tlsc-io
 - s6-tlsd is now a simple wrapper around s6-tlsd-io
 - new binary: s6-ucspitlsd, which is also a wrapper around
s6-tlsd-io, but differently: the parent execs the app which should
be ucspi-tls-aware, the child waits for a command from the parent
and execs into s6-tlsd-io if it receives it.
</content>
</entry>
<entry>
<title> Fix case where s6-tls[cd] would sometimes not detect an application and remain there forever with its zombie, both condemned to err in limbo for all eternity, the living and the dead, hand in hand</title>
<updated>2017-03-22T21:37:30Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2017-03-22T21:37:30Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=dddbfab568d42e443f102d35c84432824cc59fee'/>
<id>urn:sha1:dddbfab568d42e443f102d35c84432824cc59fee</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Types fix, first pass</title>
<updated>2017-01-10T02:17:16Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2017-01-10T02:17:16Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=334d807b924427434b42d4fbae745d3d1b38a218'/>
<id>urn:sha1:334d807b924427434b42d4fbae745d3d1b38a218</id>
<content type='text'>
 XXX marks what must change when skalibs changes.
 Also started writing functions for client certificate support
in sbearssl, but it's not working yet (need more high-level
support from BearSSL before it can work)
</content>
</entry>
<entry>
<title> Remove s6-tls* dependency to libs6net. Improve gen-deps to make dynlinking easier.</title>
<updated>2016-12-04T13:44:23Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2016-12-04T13:44:23Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=5d38ea056c82221a0ddc206cd57dd7c1852a3159'/>
<id>urn:sha1:5d38ea056c82221a0ddc206cd57dd7c1852a3159</id>
<content type='text'>
</content>
</entry>
</feed>
