tls: JIT Trust

Add support for dynamically determining the CAs needed to validate server certificates. This allows you to avoid instantiating > 120 X.509 trusted CA certs and have them take up heap the whole time. Works for both openssl and mbedtls. See READMEs/README.jit-trust.md for the documentation You likely want the next patch for http redirect enhancements as well.
author: Andy Green <andy@warmcat.com> 2021-05-21 14:32:21 +0100
committer: Andy Green <andy@warmcat.com> 2021-06-22 15:55:29 +0100
commit: 2f9bb7a30afd505935959664bf90c13bcb569a45 (patch)
tree: 3d2cc0c795de2c7cf937d50b34e44c2ad4c563bd /LICENSE
parent: f8f1749be9c2bd36ee6aa33171b349a82d02b0a1 (diff)
download: libwebsockets-2f9bb7a30afd505935959664bf90c13bcb569a45.tar.gz
1 files changed, 5 insertions, 4 deletions
diff --git a/LICENSE b/LICENSE
index 13f3f7c2..2135e321 100644
--- a/LICENSE
+++ b/LICENSE
@@ -6,10 +6,11 @@ them.
 
 Original liberal license retained:
 
-  - lib/misc/sha-1.c          - 3-clause BSD license retained, link to original [BSD3]
-  - win32port/zlib            - ZLIB license (see zlib.h) [ZLIB]
-  - lib/tls/mbedtls/wrapper   - Apache 2.0 (only built if linked against mbedtls) {APACHE2]
-  - lib/misc/base64-decode.c  - already MIT
+  - lib/misc/sha-1.c                     - 3-clause BSD license retained, link to original [BSD3]
+  - win32port/zlib                       - ZLIB license (see zlib.h) [ZLIB]
+  - lib/tls/mbedtls/wrapper              - Apache 2.0 (only built if linked against mbedtls) {APACHE2]
+    lib/tls/mbedtls/mbedtls-extensions.c
+  - lib/misc/base64-decode.c             - already MIT
 
 Relicensed to MIT:
author	Andy Green <andy@warmcat.com>	2021-05-21 14:32:21 +0100
committer	Andy Green <andy@warmcat.com>	2021-06-22 15:55:29 +0100
commit	2f9bb7a30afd505935959664bf90c13bcb569a45 (patch)
tree	3d2cc0c795de2c7cf937d50b34e44c2ad4c563bd /LICENSE
parent	f8f1749be9c2bd36ee6aa33171b349a82d02b0a1 (diff)
download	libwebsockets-2f9bb7a30afd505935959664bf90c13bcb569a45.tar.gz