source: mod_gnutls/src/gnutls_config.c

Revision Log Mode:


Copied or renamed
Diff Rev Age Author Log Message
(edit) @4e388b0   3 years fiona.klute Consistently use strcasecmp() instead of mixing in apr_strnatcasecmp() asynciodebian/masterproxy-ticket
(edit) @6d8c00c   3 years fiona.klute Include apr_strings.h only where needed asynciodebian/masterproxy-ticket
(edit) @60868d2   3 years fiona.klute Default to NORMAL for the GnuTLS priority settings This simplifies … asynciodebian/masterproxy-ticket
(edit) @adceac0   3 years fiona.klute Remove unneeded server variables "cert_cn" and "cert_san" "cert_san" … asynciodebian/masterproxy-ticket
(edit) @eced11a   4 years fiona.klute Remove server variable ocsp_cache_enable There is no need to … asynciodebian/masterproxy-ticket
(edit) @babdb29   4 years fiona.klute Initialize and clean up the OCSP cache, following session cache patterns asynciodebian/masterproxy-ticket
(edit) @d036f96   4 years fiona.klute Add configuration directive GnuTLSOCSPCache (no-op for now) First … asynciodebian/masterproxy-ticket
(edit) @ce5f776   4 years fiona.klute Move config and post_config of a cache instance to separate functions … asynciodebian/masterproxy-ticket
(edit) @f52f1b4   4 years fiona.klute Allow GnuTLSCacheTimeout in virtual host config I'm not sure if … asynciodebian/masterproxy-ticket
(edit) @b94aee2   4 years fiona.klute Remove internal cache type enum The cache type is now transparently … asynciodebian/masterproxy-ticket
(edit) @6bbd378   4 years fiona.klute Remove special handling for APR memcache and leftover includes asynciodebian/masterproxy-ticket
(edit) @de1ceab   4 years fiona.klute Replace internal cache implementation with mod_socache Massively … asynciodebian/masterproxy-ticket
(edit) @0470e44   4 years fiona.klute Support common socache "type:config" style for GnuTLSCache directive asynciodebian/masterproxy-ticket
(edit) @7921dc7   4 years fiona.klute Remove OpenPGP authentication OpenPGP authentication was removed from … asynciodebian/masterproxy-ticket
(edit) @2246a84   4 years fiona.klute Make automatic OCSP cache updates and fuzz time configurable asynciodebian/masterproxy-ticket
(edit) @0e3f8c6   4 years fiona.klute Create module-wide singleton watchdog during post_config asynciodebian/masterproxy-ticket
(edit) @3c123cd   4 years fiona.klute Update my name, prepare changelog for the next release asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @a2b4ab6   5 years thomas2.klute Use GnuTLS known DH parameters If the user does not configure the DH … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @104e881   5 years thomas2.klute General comment updates for Doxygen compatibility Mostly /* */ vs. … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e1c094c   5 years thomas2.klute Replace GnuTLSOCSPGraceTime with GnuTLSOCSPCacheTimeout Configuring a … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @b888e8b   5 years thomas2.klute New directive GnuTLSOCSPCheckNonce Some CAs refuse to send nonces in … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c39ae1a   5 years thomas2.klute Initialize OCSP timeouts with an "unset" value The configuration … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @0a02378   5 years thomas2.klute Style fixes for OCSP related time differences * Consistently use … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @333bbc7   5 years thomas2.klute Configurable OCSP socket timeout Stalled OCSP requests must time out … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c6dda6d   5 years thomas2.klute Rate limit OCSP requests Retries after failed OCSP requests must be … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @d26fa55   5 years thomas2.klute Allow GnuTLSOCSPGraceTime in virtual host context mgs_set_timeout … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @4d4a406   6 years thomas2.klute New config option: GnuTLSOCSPStapling This flag option … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @70d014b   6 years thomas2.klute Remove FIXME comment about releasing config structures: Done! asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @b8700b0   6 years thomas2.klute Deinit proxy credentials on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @7e7d328   6 years thomas2.klute Deinit PGP certificate on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @44e8944   6 years thomas2.klute Allocate memory for X.509 and PGP certificates only when needed asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @eee1432   6 years thomas2.klute Bind temporary pool in mgs_load_files() to ptemp scope Pool 'spool' … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @45b7b83   6 years thomas2.klute Deinit PGP private key and keyring on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @db9ef68   6 years thomas2.klute Deinit client CA list on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @81433f1   6 years thomas2.klute Reformat mgs_load_files() This commit changes only whitespace and … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e2ba939   6 years thomas2.klute Prevent memory leaks in post_conf hook Valgrind indicated memory … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @cc74801e   6 years thomas2.klute Move generated vhost-wide OCSP config into a private structure asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @d6834e0   6 years thomas2.klute OCSP refresh mutex: Prevent parallel requests Add a global mutex … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @aa68232   6 years thomas2.klute Move global cache mutex into the private cache struct asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e809fb30   6 years thomas2.klute Use generic cache functions for OCSP response caching With this, OCSP … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @70a1e5a   6 years thomas2.klute Introduce OCSP caching grace time A cached OCSP response must be … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c005645   6 years thomas2.klute Mutex for DBM cache access I noticed that with a DBM cache enabled … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @8913410   6 years thomas2.klute Update copyright headers asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @fd6bb19   6 years thomas2.klute Extract OCSP access URI from the server certificate asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @fad7695   6 years thomas2.klute Store OCSP trust list in server config This avoids recreating the … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @94cb972   6 years thomas2.klute Minimal OCSP stapling implementation using externally provided … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @9ca1f21   6 years thomas2.klute Allow loading more than one PKCS #11 module using GnuTLSP11Module … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @176047e   6 years thomas2.klute Use AP_INIT_FLAG for On/Off? config directives Letting the Apache … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @7764015   6 years thomas2.klute Update GnuTLSP11Module documentation for stricter semantics asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @e021722   7 years thomas2.klute Update copyright headers for Nikos Mavrogiannopoulos' PKCS #11 patch … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @e391197   7 years thomas2.klute Update copyright headers for C source asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @a2e3c33   7 years thomas2.klute Rename option SSLProxyEngine to GnuTLSProxyEngine This matches the … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @87f1ed2   7 years thomas2.klute Allow loading of an additional PKCS #11 provider library When using … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @4133f2d   7 years thomas2.klute Unify argument handling in mgs_set_priorities Just store the argument … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @2cde026d   7 years thomas2.klute Merge branch 'new-gnutls-api' Merge my TLS proxy implementation with … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @f030883   7 years thomas2.klute Set GnuTLS priorities for proxy connections separately Until now, … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @d04f7da   7 years thomas2.klute Version guards for gnutls_privkey_import_openpgp_raw workaround The … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @2cde8111   7 years thomas2.klute Workarounds for OpenPGP key handling Commit … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @259e835   7 years thomas2.klute Merge branch 'master' into new-gnutls-api Branch 'master' at this … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @1d9cfaf   7 years thomas2.klute gnutls_config.c: Backport function signature changes from master … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @809c422   7 years thomas2.klute TLS proxy: Add support for CRLs to back end server verification When … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @0de1839   7 years thomas2.klute Support X.509 auth for TLS proxy connections This commit adds support … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @7314438   7 years thomas2.klute Fix whitespace problems detected by git asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @beb14d9   7 years thomas2.klute Proof of concept: Support for proxy back end connections using TLS … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @031acac   8 years nmav Use the new (3.1.3+) GnuTLS APIs to obtain private keys. This allows … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @fd82e59   8 years dkg use strict compiler arguments by default (-Wall -Werror -Wextra) … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @2aaf4f5   8 years dkg implement GnuTLSExportCertificates control over max exported cert size … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @55dc3f0   8 years dkg Make Apache 2.4 display the correct module in error logs asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @671b64f   8 years dkg remove all trailing whitespace asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @cf2b905   8 years dkg MSVA: document and parse GnuTLSClientVerifyMethod directive The … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @7d1ab49   9 years dkg restore GnuTLSExportCertificate directive It looks to me like this … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @929d313   9 years dkg avoid use-after-free in mgs_set_key_file() asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @480aba1   9 years dkg correct context terminology for GnuTLSCache configurations "global … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @040387c   9 years dkg server-wide settings should be defaults unless overridden in a vhost … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @8400c2e   9 years dkg properly document the GnuTLSCache directive asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @3b4c0d0   9 years neuromancer * Added Comments to Header Structures * Refactored the following: … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @33826c5   10 years neuromancer mod_proxy support asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e183628   10 years neuromancer Updated Copyright Headers & Formatting asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @443b18e   10 years neuromancer Remove Legacy LUA Code asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @b59327c   11 years nmav GnuTLSCache can now take a single argument (none). asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e02dd8c   11 years nmav indented code asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @d8c7cf4   11 years nmav Only allow two options for DB. Berkeley DB and gdbm. The other options … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @771ca63   11 years nmav The GnuTLSCache variable now can be given the specific option "sdbm" … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @bca274d   12 years nmav Session tickets are enabled by default. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @ae233c2   12 years nmav Added option to turn on/off session tickets. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @03a9a6b   12 years nmav Force SDBM. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @7ef38d4   13 years nmav if private key import fails try as pkcs8 key. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @8663ace   13 years nmav removed limit on ca certificates' number asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @787dab7   14 years nmav added option to disable srp (for distributions that disable it in gnutls) asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @2b3a248b   14 years nmav more changes for openpgp support. Seems to be at a workable state. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e5bbda4   14 years nmav Initial support for openpgp keys asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @5e81262   14 years nmav Added support for sending more than one certificate. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @b077bdd   14 years nmav added more error checks. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @a3c97d1   14 years nmav better handling of RSAFile and DHFile asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e239d1a   14 years nmav No more defaults for dhparams, rsaparams. Check for GnuTLSPriorities. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @fd73a08   14 years nmav Added support for subject alternative names. (untested) asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @7bebb42   14 years nmav upgraded to 0.4.0 asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @836c2f9   17 years chip start the CA Certificate code. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @84cb5b2   17 years chip - add lua to do client verification - only use gcrypt locking when … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @c301152   17 years chip - move hooks to gnutls_hooks.c - use 'mgs_' as the prefix for all … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
Note: See TracRevisionLog for help on using the revision log.