1. 26 Sep, 2013 2 commits
    • Martin Storsjö's avatar
      http: Pass options through to the nested protocol · 5c53bf7a
      Martin Storsjö authored
      When passing a dict to the nested protocol, it will consume
      the used options from it, so a separate copy needs to be used
      when reopening the connection multiple times.
      Signed-off-by: 's avatarMartin Storsjö <martin@martin.st>
      5c53bf7a
    • Martin Storsjö's avatar
      tls: Add options for verifying the peer certificate · 8b09d917
      Martin Storsjö authored
      A file containing the trusted CA certificates needs to be
      supplied via the ca_file AVOption, unless the TLS library
      has got a system default file/database set up.
      
      This doesn't check the hostname of the peer certificate with
      openssl, which requires a non-trivial piece of code for
      manually matching the desired hostname to the string provided
      by the certificate, not provided as a library function.
      
      That is, with openssl, this only validates that the received
      certificate is signed with the right CA, but not that it is
      the actual server we think we're talking to.
      
      Verification is still disabled by default since we can't count
      on a proper CA database existing at all times.
      Signed-off-by: 's avatarMartin Storsjö <martin@martin.st>
      8b09d917
  2. 25 Sep, 2013 1 commit
  3. 24 Sep, 2013 13 commits
  4. 23 Sep, 2013 1 commit
  5. 22 Sep, 2013 14 commits
  6. 21 Sep, 2013 7 commits
  7. 20 Sep, 2013 2 commits