source: mod_gnutls/src/gnutls_config.c

Revision Log Mode:


Copied or renamed
Diff Rev Age Author Log Message
(edit) @5c9ca6b   14 months fiona.klute Ensure sc->ocsp and sc->ocsp_num are always initialized They should … asyncioproxy-ticket
(edit) @a3e0f7b   14 months fiona.klute Support a list of files for the GnuTLSOCSPResponseFile option This … asyncioproxy-ticket
(edit) @4e388b0   2 years fiona.klute Consistently use strcasecmp() instead of mixing in apr_strnatcasecmp() asynciodebian/masterproxy-ticket
(edit) @6d8c00c   2 years fiona.klute Include apr_strings.h only where needed asynciodebian/masterproxy-ticket
(edit) @60868d2   2 years fiona.klute Default to NORMAL for the GnuTLS priority settings This simplifies … asynciodebian/masterproxy-ticket
(edit) @adceac0   2 years fiona.klute Remove unneeded server variables "cert_cn" and "cert_san" "cert_san" … asynciodebian/masterproxy-ticket
(edit) @eced11a   3 years fiona.klute Remove server variable ocsp_cache_enable There is no need to … asynciodebian/masterproxy-ticket
(edit) @babdb29   3 years fiona.klute Initialize and clean up the OCSP cache, following session cache patterns asynciodebian/masterproxy-ticket
(edit) @d036f96   3 years fiona.klute Add configuration directive GnuTLSOCSPCache (no-op for now) First … asynciodebian/masterproxy-ticket
(edit) @ce5f776   3 years fiona.klute Move config and post_config of a cache instance to separate functions … asynciodebian/masterproxy-ticket
(edit) @f52f1b4   3 years fiona.klute Allow GnuTLSCacheTimeout in virtual host config I'm not sure if … asynciodebian/masterproxy-ticket
(edit) @b94aee2   3 years fiona.klute Remove internal cache type enum The cache type is now transparently … asynciodebian/masterproxy-ticket
(edit) @6bbd378   3 years fiona.klute Remove special handling for APR memcache and leftover includes asynciodebian/masterproxy-ticket
(edit) @de1ceab   3 years fiona.klute Replace internal cache implementation with mod_socache Massively … asynciodebian/masterproxy-ticket
(edit) @0470e44   3 years fiona.klute Support common socache "type:config" style for GnuTLSCache directive asynciodebian/masterproxy-ticket
(edit) @7921dc7   3 years fiona.klute Remove OpenPGP authentication OpenPGP authentication was removed from … asynciodebian/masterproxy-ticket
(edit) @2246a84   3 years fiona.klute Make automatic OCSP cache updates and fuzz time configurable asynciodebian/masterproxy-ticket
(edit) @0e3f8c6   3 years fiona.klute Create module-wide singleton watchdog during post_config asynciodebian/masterproxy-ticket
(edit) @3c123cd   3 years fiona.klute Update my name, prepare changelog for the next release asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @a2b4ab6   4 years thomas2.klute Use GnuTLS known DH parameters If the user does not configure the DH … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @104e881   4 years thomas2.klute General comment updates for Doxygen compatibility Mostly /* */ vs. … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e1c094c   4 years thomas2.klute Replace GnuTLSOCSPGraceTime with GnuTLSOCSPCacheTimeout Configuring a … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @b888e8b   4 years thomas2.klute New directive GnuTLSOCSPCheckNonce Some CAs refuse to send nonces in … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c39ae1a   4 years thomas2.klute Initialize OCSP timeouts with an "unset" value The configuration … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @0a02378   4 years thomas2.klute Style fixes for OCSP related time differences * Consistently use … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @333bbc7   4 years thomas2.klute Configurable OCSP socket timeout Stalled OCSP requests must time out … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c6dda6d   4 years thomas2.klute Rate limit OCSP requests Retries after failed OCSP requests must be … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @d26fa55   4 years thomas2.klute Allow GnuTLSOCSPGraceTime in virtual host context mgs_set_timeout … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @4d4a406   5 years thomas2.klute New config option: GnuTLSOCSPStapling This flag option … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @70d014b   5 years thomas2.klute Remove FIXME comment about releasing config structures: Done! asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @b8700b0   5 years thomas2.klute Deinit proxy credentials on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @7e7d328   5 years thomas2.klute Deinit PGP certificate on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @44e8944   5 years thomas2.klute Allocate memory for X.509 and PGP certificates only when needed asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @eee1432   5 years thomas2.klute Bind temporary pool in mgs_load_files() to ptemp scope Pool 'spool' … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @45b7b83   5 years thomas2.klute Deinit PGP private key and keyring on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @db9ef68   5 years thomas2.klute Deinit client CA list on config pool cleanup asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @81433f1   5 years thomas2.klute Reformat mgs_load_files() This commit changes only whitespace and … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e2ba939   5 years thomas2.klute Prevent memory leaks in post_conf hook Valgrind indicated memory … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @cc74801e   5 years thomas2.klute Move generated vhost-wide OCSP config into a private structure asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @d6834e0   5 years thomas2.klute OCSP refresh mutex: Prevent parallel requests Add a global mutex … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @aa68232   5 years thomas2.klute Move global cache mutex into the private cache struct asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e809fb3   5 years thomas2.klute Use generic cache functions for OCSP response caching With this, OCSP … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @70a1e5a   5 years thomas2.klute Introduce OCSP caching grace time A cached OCSP response must be … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c005645   5 years thomas2.klute Mutex for DBM cache access I noticed that with a DBM cache enabled … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @8913410   5 years thomas2.klute Update copyright headers asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @fd6bb19   5 years thomas2.klute Extract OCSP access URI from the server certificate asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @fad7695   5 years thomas2.klute Store OCSP trust list in server config This avoids recreating the … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @94cb972   5 years thomas2.klute Minimal OCSP stapling implementation using externally provided … asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @9ca1f21   5 years thomas2.klute Allow loading more than one PKCS #11 module using GnuTLSP11Module … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @176047e   5 years thomas2.klute Use AP_INIT_FLAG for On/Off? config directives Letting the Apache … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @7764015   5 years thomas2.klute Update GnuTLSP11Module documentation for stricter semantics asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @e021722   6 years thomas2.klute Update copyright headers for Nikos Mavrogiannopoulos' PKCS #11 patch … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @e391197   6 years thomas2.klute Update copyright headers for C source asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @a2e3c33   6 years thomas2.klute Rename option SSLProxyEngine to GnuTLSProxyEngine This matches the … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @87f1ed2   6 years thomas2.klute Allow loading of an additional PKCS #11 provider library When using … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @4133f2d   6 years thomas2.klute Unify argument handling in mgs_set_priorities Just store the argument … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @2cde026d   6 years thomas2.klute Merge branch 'new-gnutls-api' Merge my TLS proxy implementation with … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @f030883   6 years thomas2.klute Set GnuTLS priorities for proxy connections separately Until now, … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @d04f7da   6 years thomas2.klute Version guards for gnutls_privkey_import_openpgp_raw workaround The … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @2cde8111   6 years thomas2.klute Workarounds for OpenPGP key handling Commit … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @259e835   6 years thomas2.klute Merge branch 'master' into new-gnutls-api Branch 'master' at this … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @1d9cfaf   6 years thomas2.klute gnutls_config.c: Backport function signature changes from master … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @809c422   6 years thomas2.klute TLS proxy: Add support for CRLs to back end server verification When … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @0de1839   6 years thomas2.klute Support X.509 auth for TLS proxy connections This commit adds support … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @7314438   6 years thomas2.klute Fix whitespace problems detected by git asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @beb14d9   6 years thomas2.klute Proof of concept: Support for proxy back end connections using TLS … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @031acac   7 years nmav Use the new (3.1.3+) GnuTLS APIs to obtain private keys. This allows … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @fd82e59   7 years dkg use strict compiler arguments by default (-Wall -Werror -Wextra) … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @2aaf4f5   7 years dkg implement GnuTLSExportCertificates control over max exported cert size … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @55dc3f0   7 years dkg Make Apache 2.4 display the correct module in error logs asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @671b64f   7 years dkg remove all trailing whitespace asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @cf2b905   7 years dkg MSVA: document and parse GnuTLSClientVerifyMethod directive The … asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
(edit) @7d1ab49   8 years dkg restore GnuTLSExportCertificate directive It looks to me like this … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @929d313   8 years dkg avoid use-after-free in mgs_set_key_file() asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @480aba1   8 years dkg correct context terminology for GnuTLSCache configurations "global … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @040387c   8 years dkg server-wide settings should be defaults unless overridden in a vhost … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @8400c2e   8 years dkg properly document the GnuTLSCache directive asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @3b4c0d0   8 years neuromancer * Added Comments to Header Structures * Refactored the following: … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @33826c5   9 years neuromancer mod_proxy support asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e183628   9 years neuromancer Updated Copyright Headers & Formatting asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @443b18e   9 years neuromancer Remove Legacy LUA Code asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @b59327c   10 years nmav GnuTLSCache can now take a single argument (none). asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e02dd8c   10 years nmav indented code asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @d8c7cf4   10 years nmav Only allow two options for DB. Berkeley DB and gdbm. The other options … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @771ca63   10 years nmav The GnuTLSCache variable now can be given the specific option "sdbm" … asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @bca274d   11 years nmav Session tickets are enabled by default. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @ae233c2   11 years nmav Added option to turn on/off session tickets. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @03a9a6b   11 years nmav Force SDBM. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @7ef38d4   12 years nmav if private key import fails try as pkcs8 key. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @8663ace   12 years nmav removed limit on ca certificates' number asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @787dab7   13 years nmav added option to disable srp (for distributions that disable it in gnutls) asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @2b3a248b   13 years nmav more changes for openpgp support. Seems to be at a workable state. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e5bbda4   13 years nmav Initial support for openpgp keys asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @5e81262   13 years nmav Added support for sending more than one certificate. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @b077bdd   13 years nmav added more error checks. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @a3c97d1   13 years nmav better handling of RSAFile and DHFile asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @e239d1a   13 years nmav No more defaults for dhparams, rsaparams. Check for GnuTLSPriorities. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @fd73a08   13 years nmav Added support for subject alternative names. (untested) asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @7bebb42   13 years nmav upgraded to 0.4.0 asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
(edit) @836c2f9   16 years chip start the CA Certificate code. asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
Note: See TracRevisionLog for help on using the revision log.