source: mod_gnutls

Revision Log Mode:


Legend:

Added
Modified
Copied or renamed
Graph Diff Rev Age Author Log Message
(edit) @45b7b83   18 months thomas2.klute Deinit PGP private key and keyring on config pool cleanup debianupstream
(edit) @db9ef68   18 months thomas2.klute Deinit client CA list on config pool cleanup debianupstream
(edit) @81433f1   18 months thomas2.klute Reformat mgs_load_files() This commit changes only whitespace and … debianupstream
(edit) @e2ba939   18 months thomas2.klute Prevent memory leaks in post_conf hook Valgrind indicated memory … debianupstream
(edit) @317b569   18 months thomas2.klute Make the response validity period of the test responder configurable debianupstream
(edit) @894efd0   18 months thomas2.klute Check OCSP response nonce debianupstream
(edit) @82745d1   18 months thomas2.klute Fix memory usage issues * Use-after-free of the OCSP request in … debianupstream
(edit) @16ad0eb   18 months thomas2.klute Perform OCSP request over HTTP Finally the whole stack is there! … debianupstream
(edit) @04addef   18 months thomas2.klute Test suite: Always lock authority PGP keyring I've occasionally … debianupstream
(edit) @0831437   18 months thomas2.klute Clarify the purpose of mgs_time2sz() I've renamed the CTIME macro to … debianupstream
(edit) @47a909e   18 months thomas2.klute Create OCSP requests when updating the cached response Actually … debianupstream
(edit) @6c44ed2   18 months thomas2.klute Test suite: Explicitly link gen_ocsp_index against libgnutls This is … debianupstream
(edit) @a372379   18 months thomas2.klute Store server certificate fingerprint in OCSP config It's not like … debianupstream
(edit) @cc74801   18 months thomas2.klute Move generated vhost-wide OCSP config into a private structure debianupstream
(edit) @6b89353   18 months thomas2.klute Remove Lua bytecode variables from directory config structure The … debianupstream
(edit) @5559aa6   18 months thomas2.klute Rely on cache for OCSP response expiration With fixed DBM cache … debianupstream
(edit) @11e6205   18 months thomas2.klute dbm_cache_fetch(): Clear data size on allocation failure Memory … debianupstream
(edit) @b2e6406   18 months thomas2.klute Safe integer type conversion in mgs_filter_input() Read sizes should … debianupstream
(edit) @15b22cb   18 months thomas2.klute Allow compiling with clang Needs just a minimal workaround for an … debianupstream
(edit) @d6834e0   18 months thomas2.klute OCSP refresh mutex: Prevent parallel requests Add a global mutex … debianupstream
(edit) @aa68232   18 months thomas2.klute Move global cache mutex into the private cache struct debianupstream
(edit) @e809fb3   18 months thomas2.klute Use generic cache functions for OCSP response caching With this, OCSP … debianupstream
(edit) @3e22b82   18 months thomas2.klute Add generic store/fetch support to the memcached cache Required to … debianupstream
(edit) @70a1e5a   18 months thomas2.klute Introduce OCSP caching grace time A cached OCSP response must be … debianupstream
(edit) @f450ac9   18 months thomas2.klute Replace mgs_session_id2sz() with apr_(p?)escape_hex() There's no need … debianupstream
(edit) @d18afb8   18 months thomas2.klute Ensure that dbm_cache_fetch() does not return expired data The cache … debianupstream
(edit) @c6572ec   18 months thomas2.klute Apply default cache timeout to OCSP responses without nextUpdate debianupstream
(edit) @c55902b   18 months thomas2.klute Trigger cache expiration on fetch, small restructuring In a situation … debianupstream
(edit) @c005645   18 months thomas2.klute Mutex for DBM cache access I noticed that with a DBM cache enabled … debianupstream
(edit) @eb63377   19 months thomas2.klute Check only expiration time for OCSP responses from cache Responses … debianupstream
(edit) @366d1a1   19 months thomas2.klute Use nextUpdate field of OCSP response to set cache lifetime debianupstream
(edit) @08817d0   19 months thomas2.klute Check OCSP response before caching Only verified responses should be … debianupstream
(edit) @368e581   19 months thomas2.klute Update OCSP response cache only if response is missing or invalid … debianupstream
(edit) @4bf4ce2   19 months thomas2.klute Use GCC builtins to catch overflows with mixed integer types … debianupstream
(edit) @6b4136c   19 months thomas2.klute Store OCSP responses in DBM cache before use This is not proper … debianupstream
(edit) @2f932fa   19 months thomas2.klute Use gnutls_datum_t to pass DBM keys for GnuTLS sessions The APR … debianupstream
(edit) @6814e48   19 months thomas2.klute Explain the different signatures of the dbm_cache functions debianupstream
(edit) @15245bf   19 months thomas2.klute Split dbm_cache_fetch() in generic and GnuTLS session specific parts … debianupstream
(edit) @1d1361f   19 months thomas2.klute Make dbm_cache_store() work outside connection context debianupstream
(edit) @ae08186   19 months thomas2.klute DBM cache: Separate session caching and generic store operation debianupstream
(edit) @f785704   19 months thomas2.klute Make dbm_cache_expire() work outside connection context DBM cache … debianupstream
(edit) @04e6e65   19 months thomas2.klute Move declarations of cache-related functions to a dedicated header … debianupstream
(edit) @379a297   19 months thomas2.klute Remove code used only with GnuTLS 2.x debianupstream
(edit) @7511bfa   19 months thomas2.klute Use ap_log_cerror() instead of ap_log_error() where reasonable … debianupstream
(edit) @8913410   19 months thomas2.klute Update copyright headers debianupstream
(edit) @c3ad933   19 months thomas2.klute Remove stale support code for Apache versions before 2.2 debianupstream
(edit) @fd6bb19   19 months thomas2.klute Extract OCSP access URI from the server certificate debianupstream
(edit) @4ae7810   19 months thomas2.klute Log port along with hostname if OCSP trust list initialization fails debianupstream
(edit) @68ce93c   19 months thomas2.klute Rearrange mgs_get_ocsp_response() for readability debianupstream
(edit) @fad7695   19 months thomas2.klute Store OCSP trust list in server config This avoids recreating the … debianupstream
(edit) @64856fd   19 months thomas2.klute Get rid of exit(-1) calls in mgs_hook_post_config() This allows the … debianupstream
(edit) @2a1ffd6   19 months thomas2.klute Move trust list generation for OCSP to a separate function The new … debianupstream
(edit) @d35b98e   19 months thomas2.klute Check OCSP response and staple it only if good debianupstream
(edit) @c05780e   19 months thomas2.klute Proper runtests integration Test fails if runtests failed, avoid … debianupstream
(edit) @4cc1edc   19 months thomas2.klute Remove pointless <If> from test server config Apparently <If> is … debianupstream
(edit) @20f8e99   19 months thomas2.klute Provide full certificate chain to the server The server will need CA … debianupstream
(edit) @94cb972   19 months thomas2.klute Minimal OCSP stapling implementation using externally provided … debianupstream
(edit) @b674e95   19 months thomas2.klute Merge version 0.7.5 into ocsp branch debianupstream
(edit) @086cea9   19 months thomas2.klute Release version 0.7.5 debianjessie-backportsupstream
(edit) @2b80754   19 months thomas2.klute Delete target files before exporting PGP certificates GnuPG promts or … debianjessie-backportsupstream
(edit) @9e56602   19 months thomas2.klute Check for write errors in pgpcrc.c to get rid of build warning debianjessie-backportsupstream
(edit) @42829ae   19 months thomas2.klute Build pgpcrc through Automake, clean new GnuPG privkey files & directories debianjessie-backportsupstream
(edit) @298dc66   19 months thomas2.klute use --outfile instead of stdio redirection This way, when a command … debianjessie-backportsupstream
(edit) @d70dd6e   19 months thomas2.klute ensure cleanup of gpg v2.1 keyrings as well depending on the version … debianjessie-backportsupstream
(edit) @0bda20f   19 months thomas2.klute Make "make distcheck" work This requires strict DIST/DISTCLEAN lists … debianjessie-backportsupstream
(edit) @eb34ac4   19 months thomas2.klute Let Automake handle module installation Using a custom pkglib … debianjessie-backportsupstream
(edit) @eda8686   19 months thomas2.klute Disable building static libraries Only the dynamic library is used by … debianjessie-backportsupstream
(edit) @19f2719   19 months thomas2.klute Update comments and formating in push/pull functions debianjessie-backportsupstream
(edit) @a9fa300   19 months thomas2.klute Set GnuTLS session errno on all error paths in mgs_transport_read() debianjessie-backportsupstream
(edit) @6868585   19 months thomas2.klute Remove unnecessary session pointer check The transport functions are … debianjessie-backportsupstream
(edit) @be41ee4   19 months thomas2.klute Set GnuTLS session errno on errors in mgs_transport_write() Sunil … debianjessie-backportsupstream
(edit) @efe884e   19 months thomas2.klute Skip OCSP test with incompatible GnuTLS versions Please see the … debianupstream
(edit) @c4d6e77   19 months thomas2.klute Test suite: New test case for simple HTTPS access with OCSP status check debianupstream
(edit) @9e309ae   19 months thomas2.klute Merge version 0.7.4 into ocsp debianupstream
(edit) @c6cfe6e   20 months thomas2.klute Release version 0.7.4 debianjessie-backportsupstream
(edit) @a0161fe   21 months thomas2.klute Test suite: Include OCSP URI in server & client certificates if enabled debianupstream
(edit) @21181b2   21 months thomas2.klute Test suite: Enable OCSP if OpenSSL is available, provide port for … debianupstream
(edit) @c0c4106   21 months thomas2.klute Test suite: Minimal OCSP responder (CGI script and Apache config snippet) debianupstream
(edit) @ea99ffe   21 months thomas2.klute Test suite: Build OCSP database debianupstream
(edit) @a03f94e   21 months thomas2.klute Test suite: Build OCSP responder certificate debianupstream
(edit) @42bee37   21 months thomas2.klute Test suite: OCSP index generation tool gen_ocsp_index creates an … debianupstream
(edit) @28fc74b   21 months thomas2.klute Capture full gnutls-cli output in test logs Copying instead of … debianjessie-backportsupstream
(edit) @5725dca   21 months thomas2.klute Test suite: Consistent use of @VAR@ vs. $(VAR) Makefile.am will … debianjessie-backportsupstream
(edit) @aeaf28b   21 months thomas2.klute Allow user to set SoftHSM PKCS #11 module Users may want to use a … debianjessie-backportsupstream
(edit) @b0e5dae   22 months thomas2.klute Test suite: Add support for SoftHSM 2 ./configure now detects SoftHSM … debianjessie-backportsupstream
(edit) @6f644fa   22 months thomas2.klute Test suite: Generate SoftHSM config for initialization as needed debianjessie-backportsupstream
(edit) @74772b2   22 months thomas2.klute Define autoconf/automake variables to handle different SoftHSM versions debianjessie-backportsupstream
(edit) @5eb4544   22 months thomas2.klute Test suite: Search SoftHSM during ./configure, detect module for v1 or … debianjessie-backportsupstream
(edit) @d84f0f7   22 months thomas2.klute Test 26_redirect_HTTP_to_HTTPS: Add --verbose option when using curl … debianjessie-backportsupstream
(edit) @f0923c4   22 months thomas2.klute Release version 0.7.3 debianjessie-backportsupstream
(edit) @67f2f58   22 months thomas2.klute Support curl or Wget for test case "26_redirect_HTTP_to_HTTPS" debianjessie-backportsupstream
(edit) @5aae10e   22 months thomas2.klute configure.ac: Better wording for network and user namespace creation check debianjessie-backportsupstream
(edit) @7c0ccaf   22 months thomas2.klute Rename test "26_HTTPS_server_var" to "redirect_HTTP_to_HTTPS" The new … debianjessie-backportsupstream
(edit) @a038290   22 months thomas2.klute Set the correct PID file in test-26_HTTPS_server_var.bash debianjessie-backportsupstream
(edit) @8ac7c0d   22 months thomas2.klute Register "ssl_is_https" function for compatibility with mod_rewrite … debianjessie-backportsupstream
(edit) @7aeabcb   22 months thomas2.klute Update documentation for test certificate generation Add hint about … debianjessie-backportsupstream
(edit) @06f8005   23 months thomas2.klute Test suite: Fix file lists for distribution archive creation debianjessie-backportsupstream
(edit) @db6bac4   23 months thomas2.klute PKCS #11 test case: Generate temporary SoftHSM config from … debianjessie-backportsupstream
(edit) @5d9f34e   23 months thomas2.klute configure: Check if flock supports --timeout This builds on the … debianjessie-backportsupstream
(edit) @1bb6b1c   23 months thomas2.klute configure: Fix "not available" case in check for unshare The changed … debianjessie-backportsupstream
Note: See TracRevisionLog for help on using the revision log.