From c266796caaaf8a8c2a6c4a971a5fc18975b73f8e Mon Sep 17 00:00:00 2001 From: Holger Hans Peter Freyther Date: Thu, 25 Aug 2016 23:07:44 +0200 Subject: client: Initial support for TLS in the client Use GNUtls because it is GPL compatible and instead of mbedTLS seems to have a working non-blocking I/O integration. GNUtls has various issues that could not be resolved easily: * Pick spdy as sub protocol * gmt_time not randomized * private key loaded to RAM (but not verified) This is the beginning and not the end. Client support might need more work with actual tls verification. Maybe more manual x509 cert verification is needed and maybe client certs don't work at all. I try to ignore renegotiation as I threw away the key. Reload x509 creds and keys as they might have changed from one connection to another. Change-Id: I9128e14084da1fc2705f858393f98b8133996172 --- include/osmo-pcap/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/osmo-pcap/Makefile.am') diff --git a/include/osmo-pcap/Makefile.am b/include/osmo-pcap/Makefile.am index 1a446bc..b71e70c 100644 --- a/include/osmo-pcap/Makefile.am +++ b/include/osmo-pcap/Makefile.am @@ -1 +1 @@ -noinst_HEADERS = common.h osmo_pcap_client.h osmo_pcap_server.h wireformat.h +noinst_HEADERS = common.h osmo_pcap_client.h osmo_pcap_server.h wireformat.h osmo_tls.h -- cgit v1.2.3