# # ChangeLog for src/gnutls_hooks.c in mod_gnutls # # Generated by Trac 1.2 # May 27, 2020, 9:58:21 PM Mon, 29 Jun 2015 16:12:11 GMT Thomas Klute [e021722] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Update copyright headers for Nikos Mavrogiannopoulos' PKCS #11 patch ... Sat, 27 Jun 2015 17:09:27 GMT Thomas Klute [e391197] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) Update copyright headers for C source Sat, 09 May 2015 00:40:02 GMT Thomas Klute [87f1ed2] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Allow loading of an additional PKCS #11 provider library When using ... Tue, 21 Apr 2015 13:08:00 GMT Thomas Klute [4133f2d] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Unify argument handling in mgs_set_priorities Just store the ... Tue, 21 Apr 2015 12:09:54 GMT Thomas Klute [2cde026d] * README (modified) * docs/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Merge branch 'new-gnutls-api' Merge my TLS proxy implementation ... Thu, 09 Apr 2015 17:02:39 GMT Thomas Klute [f030883] * docs/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) * test/Makefile.am (modified) * test/test-23_TLS_reverse_proxy_mismatched_priorities.bash (added) * test/tests/19_TLS_reverse_proxy/apache.conf (modified) * test/tests/20_TLS_reverse_proxy_client_auth/apache.conf (modified) * test/tests/21_TLS_reverse_proxy_wrong_cert/apache.conf (modified) * test/tests/22_TLS_reverse_proxy_crl_revoke/apache.conf (modified) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/apache.conf (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/backend.conf (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/gnutls-cli.args (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/input (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/output (added) Set GnuTLS priorities for proxy connections separately Until now, ... Tue, 07 Apr 2015 16:28:40 GMT Thomas Klute [d04f7da] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Version guards for gnutls_privkey_import_openpgp_raw workaround The ... Tue, 07 Apr 2015 09:13:59 GMT Thomas Klute [8b472af] * src/gnutls_hooks.c (modified) * test/tests/19_TLS_reverse_proxy/apache.conf (modified) * test/tests/20_TLS_reverse_proxy_client_auth/apache.conf (modified) * test/tests/21_TLS_reverse_proxy_wrong_cert/apache.conf (modified) * test/tests/22_TLS_reverse_proxy_crl_revoke/apache.conf (modified) Use server root for file paths in TLS proxy config This is what ... Sun, 05 Apr 2015 22:20:59 GMT Thomas Klute [2cde8111] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Workarounds for OpenPGP key handling Commit ... Sat, 04 Apr 2015 21:17:18 GMT Thomas Klute [01b5d85] * src/gnutls_hooks.c (modified) * test/Makefile.am (modified) * test/runtests (modified) * test/test-18_client_verification_wrong_cert.bash (added) * test/tests/18_client_verification_wrong_cert/apache.conf (added) * test/tests/18_client_verification_wrong_cert/gnutls-cli.args (added) * test/tests/18_client_verification_wrong_cert/input (added) * test/tests/18_client_verification_wrong_cert/output (added) Merge branch 'client-verify-fix' into new-gnutls-api Merge the fix ... Sat, 04 Apr 2015 21:03:43 GMT Thomas Klute [c4a015b] * Makefile.am (modified) * README (modified) * configure.ac (modified) * include/mod_gnutls.h.in (modified) * run_tests.sh (deleted) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) * t/newtest (deleted) * test/.gitignore (moved) * test/Makefile.am (added) * test/README (moved) * test/TestMakefile (moved) * test/authority.template.in (moved) * test/authority.uid (moved) * test/base_apache.conf (moved) * test/client.template.in (moved) * test/client.uid (moved) * test/data/dump.cgi (moved) * test/data/secret.txt (moved) * test/data/test.txt (moved) * test/imposter.template (moved) * test/imposter.uid (moved) * test/mime.types (moved) * test/newtest (added) * test/rogueca.template (moved) * test/rogueca.uid (moved) * test/runtests (moved) * test/server.template.in (moved) * test/server.uid.in (moved) * test/setup (moved) * test/test-00_basic.bash (added) * test/test-01_serverwide_priorities.bash (added) * test/test-02_cache_in_vhost.bash (added) * test/test-03_cachetimeout_in_vhost.bash (added) * test/test-04_basic_nosni.bash (added) * test/test-05_mismatched-priorities.bash (added) * test/test-06_verify_sni_a.bash (added) * test/test-07_verify_sni_b.bash (added) * test/test-08_verify_no_sni_fallback_to_first_vhost.bash (added) * test/test-09_verify_no_sni_fails_with_wrong_order.bash (added) * test/test-10_basic_client_verification.bash (added) * test/test-11_basic_client_verification_fail.bash (added) * test/test-12_cgi_variables.bash (added) * test/test-13_cgi_variables_no_client_cert.bash (added) * test/test-14_basic_openpgp.bash (added) * test/test-15_basic_msva.bash (added) * test/test-16_view-status.bash (added) * test/test-17_cgi_vars_large_cert.bash (added) * test/tests/00_basic/apache.conf (moved) * test/tests/00_basic/gnutls-cli.args (moved) * test/tests/00_basic/input (moved) * test/tests/00_basic/output (moved) * test/tests/01_serverwide_priorities/apache.conf (moved) * test/tests/01_serverwide_priorities/gnutls-cli.args (moved) * test/tests/01_serverwide_priorities/input (moved) * test/tests/01_serverwide_priorities/output (moved) * test/tests/02_cache_in_vhost/apache.conf (moved) * test/tests/02_cache_in_vhost/fail.server (moved) * test/tests/02_cache_in_vhost/gnutls-cli.args (moved) * test/tests/02_cache_in_vhost/input (moved) * test/tests/03_cachetimeout_in_vhost/apache.conf (moved) * test/tests/03_cachetimeout_in_vhost/fail.server (moved) * test/tests/03_cachetimeout_in_vhost/gnutls-cli.args (moved) * test/tests/03_cachetimeout_in_vhost/input (moved) * test/tests/04_basic_nosni/apache.conf (moved) * test/tests/04_basic_nosni/gnutls-cli.args (moved) * test/tests/04_basic_nosni/input (moved) * test/tests/04_basic_nosni/output (moved) * test/tests/05_mismatched-priorities/apache.conf (moved) * test/tests/05_mismatched-priorities/fail.client (moved) * test/tests/05_mismatched-priorities/gnutls-cli.args (moved) * test/tests/05_mismatched-priorities/input (moved) * test/tests/06_verify_sni_a/apache.conf (moved) * test/tests/06_verify_sni_a/gnutls-cli.args (moved) * test/tests/06_verify_sni_a/input (moved) * test/tests/06_verify_sni_a/output (moved) * test/tests/07_verify_sni_b/apache.conf (moved) * test/tests/07_verify_sni_b/gnutls-cli.args (moved) * test/tests/07_verify_sni_b/input (moved) * test/tests/07_verify_sni_b/output (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/apache.conf (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/gnutls-cli.args (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/input (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/output (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/apache.conf (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/fail.client (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/gnutls-cli.args (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/input (moved) * test/tests/10_basic_client_verification/apache.conf (moved) * test/tests/10_basic_client_verification/gnutls-cli.args (moved) * test/tests/10_basic_client_verification/input (moved) * test/tests/10_basic_client_verification/output (moved) * test/tests/11_basic_client_verification_fail/apache.conf (moved) * test/tests/11_basic_client_verification_fail/fail.client (moved) * test/tests/11_basic_client_verification_fail/gnutls-cli.args (moved) * test/tests/11_basic_client_verification_fail/input (moved) * test/tests/12_cgi_variables/apache.conf (moved) * test/tests/12_cgi_variables/gnutls-cli.args (moved) * test/tests/12_cgi_variables/input (moved) * test/tests/12_cgi_variables/output (moved) * test/tests/13_cgi_variables_no_client_cert/apache.conf (moved) * test/tests/13_cgi_variables_no_client_cert/gnutls-cli.args (moved) * test/tests/13_cgi_variables_no_client_cert/input (moved) * test/tests/13_cgi_variables_no_client_cert/output (moved) * test/tests/14_basic_openpgp/apache.conf (moved) * test/tests/14_basic_openpgp/gnutls-cli.args (moved) * test/tests/14_basic_openpgp/input (moved) * test/tests/14_basic_openpgp/output (moved) * test/tests/15_basic_msva/apache.conf (moved) * test/tests/15_basic_msva/gnutls-cli.args (moved) * test/tests/15_basic_msva/input (moved) * test/tests/15_basic_msva/output (moved) * test/tests/16_view-status/apache.conf (moved) * test/tests/16_view-status/gnutls-cli.args (moved) * test/tests/16_view-status/input (moved) * test/tests/16_view-status/output (moved) * test/tests/17_cgi_vars_large_cert/apache.conf (moved) * test/tests/17_cgi_vars_large_cert/gnutls-cli.args (moved) * test/tests/17_cgi_vars_large_cert/input (moved) * test/tests/17_cgi_vars_large_cert/output (moved) Merge branch 'split-testsuite' into new-gnutls-api OpenPGP support ... Sat, 04 Apr 2015 20:57:10 GMT Thomas Klute [259e835] * configure.ac (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) * t/Makefile (modified) * t/setup (modified) Merge branch 'master' into new-gnutls-api Branch 'master' at this ... Fri, 03 Apr 2015 00:48:19 GMT Thomas Klute [809c422] * docs/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) TLS proxy: Add support for CRLs to back end server verification ... Thu, 02 Apr 2015 23:51:48 GMT Thomas Klute [bd24203] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) Explicitly build trust list for proxy connections This change ... Tue, 31 Mar 2015 10:12:22 GMT Thomas Klute [7d2123d] * src/gnutls_hooks.c (modified) Log errors while loading proxy certificate trust list The way the ... Thu, 19 Mar 2015 15:40:40 GMT Thomas Klute [6bbc00a] * src/gnutls_hooks.c (modified) Check hostname of proxy back end server against certificate ... Thu, 19 Mar 2015 12:27:45 GMT Thomas Klute [0de1839] * README (modified) * configure.ac (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Support X.509 auth for TLS proxy connections This commit adds ... Mon, 16 Feb 2015 16:17:07 GMT Thomas Klute [b324906] * Makefile.am (modified) * configure.ac (modified) * run_tests.sh (deleted) * src/gnutls_hooks.c (modified) * t/newtest (deleted) * test/.gitignore (moved) * test/Makefile.am (added) * test/README (moved) * test/TestMakefile (moved) * test/authority.template.in (moved) * test/authority.uid (moved) * test/base_apache.conf (moved) * test/client.template.in (moved) * test/client.uid (moved) * test/data/dump.cgi (moved) * test/data/secret.txt (moved) * test/data/test.txt (moved) * test/imposter.template (moved) * test/imposter.uid (moved) * test/mime.types (moved) * test/newtest (added) * test/rogueca.template (moved) * test/rogueca.uid (moved) * test/runtests (moved) * test/server.template.in (moved) * test/server.uid.in (moved) * test/setup (moved) * test/test-00_basic.bash (added) * test/test-01_serverwide_priorities.bash (added) * test/test-02_cache_in_vhost.bash (added) * test/test-03_cachetimeout_in_vhost.bash (added) * test/test-04_basic_nosni.bash (added) * test/test-05_mismatched-priorities.bash (added) * test/test-06_verify_sni_a.bash (added) * test/test-07_verify_sni_b.bash (added) * test/test-08_verify_no_sni_fallback_to_first_vhost.bash (added) * test/test-09_verify_no_sni_fails_with_wrong_order.bash (added) * test/test-10_basic_client_verification.bash (added) * test/test-11_basic_client_verification_fail.bash (added) * test/test-12_cgi_variables.bash (added) * test/test-13_cgi_variables_no_client_cert.bash (added) * test/test-14_basic_openpgp.bash (added) * test/test-15_basic_msva.bash (added) * test/test-16_view-status.bash (added) * test/test-17_cgi_vars_large_cert.bash (added) * test/test-18_client_verification_wrong_cert.bash (added) * test/tests/00_basic/apache.conf (moved) * test/tests/00_basic/gnutls-cli.args (moved) * test/tests/00_basic/input (moved) * test/tests/00_basic/output (moved) * test/tests/01_serverwide_priorities/apache.conf (moved) * test/tests/01_serverwide_priorities/gnutls-cli.args (moved) * test/tests/01_serverwide_priorities/input (moved) * test/tests/01_serverwide_priorities/output (moved) * test/tests/02_cache_in_vhost/apache.conf (moved) * test/tests/02_cache_in_vhost/fail.server (moved) * test/tests/02_cache_in_vhost/gnutls-cli.args (moved) * test/tests/02_cache_in_vhost/input (moved) * test/tests/03_cachetimeout_in_vhost/apache.conf (moved) * test/tests/03_cachetimeout_in_vhost/fail.server (moved) * test/tests/03_cachetimeout_in_vhost/gnutls-cli.args (moved) * test/tests/03_cachetimeout_in_vhost/input (moved) * test/tests/04_basic_nosni/apache.conf (moved) * test/tests/04_basic_nosni/gnutls-cli.args (moved) * test/tests/04_basic_nosni/input (moved) * test/tests/04_basic_nosni/output (moved) * test/tests/05_mismatched-priorities/apache.conf (moved) * test/tests/05_mismatched-priorities/fail.client (moved) * test/tests/05_mismatched-priorities/gnutls-cli.args (moved) * test/tests/05_mismatched-priorities/input (moved) * test/tests/06_verify_sni_a/apache.conf (moved) * test/tests/06_verify_sni_a/gnutls-cli.args (moved) * test/tests/06_verify_sni_a/input (moved) * test/tests/06_verify_sni_a/output (moved) * test/tests/07_verify_sni_b/apache.conf (moved) * test/tests/07_verify_sni_b/gnutls-cli.args (moved) * test/tests/07_verify_sni_b/input (moved) * test/tests/07_verify_sni_b/output (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/apache.conf (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/gnutls-cli.args (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/input (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/output (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/apache.conf (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/fail.client (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/gnutls-cli.args (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/input (moved) * test/tests/10_basic_client_verification/apache.conf (moved) * test/tests/10_basic_client_verification/gnutls-cli.args (moved) * test/tests/10_basic_client_verification/input (moved) * test/tests/10_basic_client_verification/output (moved) * test/tests/11_basic_client_verification_fail/apache.conf (moved) * test/tests/11_basic_client_verification_fail/fail.client (moved) * test/tests/11_basic_client_verification_fail/gnutls-cli.args (moved) * test/tests/11_basic_client_verification_fail/input (moved) * test/tests/12_cgi_variables/apache.conf (moved) * test/tests/12_cgi_variables/gnutls-cli.args (moved) * test/tests/12_cgi_variables/input (moved) * test/tests/12_cgi_variables/output (moved) * test/tests/13_cgi_variables_no_client_cert/apache.conf (moved) * test/tests/13_cgi_variables_no_client_cert/gnutls-cli.args (moved) * test/tests/13_cgi_variables_no_client_cert/input (moved) * test/tests/13_cgi_variables_no_client_cert/output (moved) * test/tests/14_basic_openpgp/apache.conf (moved) * test/tests/14_basic_openpgp/gnutls-cli.args (moved) * test/tests/14_basic_openpgp/input (moved) * test/tests/14_basic_openpgp/output (moved) * test/tests/15_basic_msva/apache.conf (moved) * test/tests/15_basic_msva/gnutls-cli.args (moved) * test/tests/15_basic_msva/input (moved) * test/tests/15_basic_msva/output (moved) * test/tests/16_view-status/apache.conf (moved) * test/tests/16_view-status/gnutls-cli.args (moved) * test/tests/16_view-status/input (moved) * test/tests/16_view-status/output (moved) * test/tests/17_cgi_vars_large_cert/apache.conf (moved) * test/tests/17_cgi_vars_large_cert/gnutls-cli.args (moved) * test/tests/17_cgi_vars_large_cert/input (moved) * test/tests/17_cgi_vars_large_cert/output (moved) * test/tests/18_client_verification_wrong_cert/apache.conf (added) * test/tests/18_client_verification_wrong_cert/gnutls-cli.args (added) * test/tests/18_client_verification_wrong_cert/input (added) * test/tests/18_client_verification_wrong_cert/output (added) Merge branch 'client-verify-fix' into tls-proxy Most importantly, ... Thu, 05 Feb 2015 13:48:45 GMT Thomas Klute [5a8a32b] * src/gnutls_hooks.c (modified) TLS Client auth: Check server verify mode if unset for dir The ... Tue, 03 Feb 2015 11:31:46 GMT Thomas Klute [b429e4c] * src/gnutls_hooks.c (modified) Cleanup handler for proxy TLS connections When handling client ... Tue, 03 Feb 2015 08:42:11 GMT Thomas Klute [d7a8286] * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Remove debug log messages for allocating connection config memory ... Tue, 27 Jan 2015 12:20:27 GMT Thomas Klute [beb14d9] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Proof of concept: Support for proxy back end connections using TLS ... Tue, 27 Jan 2015 10:48:53 GMT Thomas Klute [c1ef069] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Record if a connection is a proxy connection When handling a proxy ... Tue, 27 Jan 2015 08:38:35 GMT Thomas Klute [5342265] * src/gnutls_hooks.c (modified) Close last for loop in mgs_find_sni_server The closing brace for ... Mon, 26 Jan 2015 16:41:05 GMT Thomas Klute [07d548d] * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Properly use SSLProxyEngine option ssl_proxy_enable now checks if ... Tue, 20 Jan 2015 15:45:39 GMT Thomas Klute [e8acf05] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Enable/disable TLS per connection in ssl_engine_disable Previously, ... Tue, 20 Jan 2015 14:55:03 GMT Thomas Klute [e4b58b6] * src/gnutls_hooks.c (modified) Check error codes during GnuTLS connection init These calls ... Thu, 03 Jul 2014 17:00:29 GMT Nikos Mavrogiannopoulos [031acac] * README (modified) * configure.ac (modified) * docs/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Use the new (3.1.3+) GnuTLS APIs to obtain private keys. This ... Thu, 27 Feb 2014 07:26:26 GMT Daniel Kahn Gillmor [fd82e59] * configure.ac (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) use strict compiler arguments by default (-Wall -Werror -Wextra) ... Sun, 23 Feb 2014 18:45:01 GMT Daniel Kahn Gillmor [765cac2] * src/gnutls_hooks.c (modified) clean up MGS_SIDE abuse of apr_pstrcat We were allocating twice as ... Sun, 23 Feb 2014 18:05:31 GMT Daniel Kahn Gillmor [2aaf4f5] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) implement GnuTLSExportCertificates control over max exported cert ... Thu, 20 Feb 2014 16:16:22 GMT Daniel Kahn Gillmor [55dc3f0] * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Make Apache 2.4 display the correct module in error logs Mon, 17 Feb 2014 21:32:08 GMT Daniel Kahn Gillmor [83eafed] * src/gnutls_hooks.c (modified) avoid a very unlikely NULL dereference Thu, 13 Feb 2014 20:40:44 GMT Daniel Kahn Gillmor [4ec9183] * src/gnutls_hooks.c (modified) Include GnuTLS version as additional version component in Server ... Sun, 08 Dec 2013 17:55:08 GMT Daniel Kahn Gillmor [46de753] * src/gnutls_hooks.c (modified) fix build against GnuTLS 2.12.x Tue, 03 Dec 2013 23:49:15 GMT Daniel Kahn Gillmor [671b64f] * include/mod_gnutls.h.in (modified) * src/Makefile.am (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) remove all trailing whitespace Tue, 03 Dec 2013 23:49:15 GMT Daniel Kahn Gillmor [9720026] * src/gnutls_hooks.c (modified) silly newline cleanup Tue, 03 Dec 2013 23:49:10 GMT Daniel Kahn Gillmor [5674676] * docs/manual.mdwn (modified) * docs/mod_gnutls_manual.mdwn (modified) * src/gnutls_hooks.c (modified) * t/data/dump.cgi (modified) * t/tests/12_cgi_variables/gnutls-cli.args (modified) * t/tests/12_cgi_variables/output (modified) * t/tests/13_cgi_variables_no_client_cert/output (modified) add SSL_DH_PRIME_BITS to expose the size of the DH modulus to CGI Tue, 03 Dec 2013 21:28:42 GMT Daniel Kahn Gillmor [b4739cd] * src/gnutls_hooks.c (modified) display some information in mod_status Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [b55bf71] * src/gnutls_hooks.c (modified) accept the e-mail address in the cert Subject if no sAN e-mail is present Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [a01f8ab] * src/gnutls_hooks.c (modified) upgrade to libmsv 0.1 API Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [832182b] * src/gnutls_hooks.c (modified) extracting the user ID from a certificate cleanly. Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [5c0d491] * src/gnutls_hooks.c (modified) MSVA: successful communication between apache and the agent This is ... Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [07889ab] * src/gnutls_hooks.c (modified) MSVA: some initial framework Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [cf2b905] * docs/manual.mdwn (added) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) MSVA: document and parse GnuTLSClientVerifyMethod directive The ... Mon, 15 Apr 2013 20:35:14 GMT Daniel Kahn Gillmor [6bb2474] * src/gnutls_hooks.c (modified) Changed Default Export Of Full PEM Certificates To FALSE This ... Wed, 30 Jan 2013 04:00:15 GMT Daniel Kahn Gillmor [b1c2b01] * src/gnutls_hooks.c (modified) avoid a segfault if no X.509 certificates are present during vhost_cb Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [7d1ab49] * docs/mod_gnutls_manual-0.1.html (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) restore GnuTLSExportCertificate directive It looks to me like this ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [c0dd3ab] * src/gnutls_hooks.c (modified) avoid invoking gnutls_transport_get_ptr on a NULL session Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [b668622] * src/gnutls_hooks.c (modified) Do not override the configured GnuTLS priority string. This fixes ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [8985a6b] * src/gnutls_hooks.c (modified) allow certificate use for clients without SNI The test removed here ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [9ecd212] * src/gnutls_hooks.c (modified) avoid embedding extra/unnecessary newlines in logs Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [932b68e] * src/gnutls_hooks.c (modified) Check for the version of GnuTLS we built against Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [cb5188f] * src/gnutls_hooks.c (modified) fatal library initialization error logs should be at APLOG_EMERG ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [421ef1c] * src/gnutls_hooks.c (modified) deal responsibly with grave failures in pre_config hook If a ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [040387c] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) server-wide settings should be defaults unless overridden in a vhost ... Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [369f47a] * docs/mod_gnutls_manual-0.1.html (modified) * src/gnutls_hooks.c (modified) avoid calling gnutls_srp_server_get_username() unless SRP is configured Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [b8df283] * src/gnutls_hooks.c (modified) use gnutls_datum_t instead of the deprecated gnutls_datum Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [2b76a9c] * docs/mod_gnutls_manual-0.1.html (modified) * src/gnutls_hooks.c (modified) X.509 certificates are ordered EE first (see ... Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [6055aff] * src/gnutls_hooks.c (modified) warn if the server hostname cannot be found in the certificate Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [e2b936e] * src/gnutls_hooks.c (modified) no longer using first_run since 31645b2ad; remove it Fri, 21 Dec 2012 04:29:16 GMT Dash Shendy [3b4c0d0] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * Added Comments to Header Structures * Refactored the following: ... Thu, 22 Nov 2012 18:12:35 GMT Dash Shendy [cb60afc] * src/gnutls_hooks.c (modified) Bugfix: check_server_aliases() Signed-off-by: Dash Shendy ... Wed, 14 Nov 2012 22:24:57 GMT Dash Shendy [e3d36c7] * src/gnutls_hooks.c (modified) Fixed conditional ServerAlias names' & wildcards' matching ... Sun, 11 Nov 2012 21:04:15 GMT Dash Shendy [14d718f] * src/gnutls_hooks.c (modified) Added support for wildcards in ServerAlias configuration directive ... Sun, 11 Nov 2012 02:06:32 GMT Dash Shendy [9ee0464] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Compilation Errors Cleanup Signed-off-by: Dash Shendy ... Wed, 07 Dec 2011 05:22:48 GMT Dash Shendy [37f8282] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) mod_proxy support continued Signed-off-by: Dash Shendy ... Tue, 04 Oct 2011 11:01:32 GMT Dash Shendy [33826c5] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) mod_proxy support Mon, 03 Oct 2011 13:15:50 GMT Dash Shendy [da8c2fe] * src/gnutls_hooks.c (modified) Debug logging fix up Mon, 03 Oct 2011 12:54:22 GMT Dash Shendy [74f798f] * src/gnutls_hooks.c (modified) Added Debug logging and user warning for not spec. DH Params Mon, 03 Oct 2011 12:08:37 GMT Dash Shendy [fe42bfb] * src/gnutls_hooks.c (modified) Compilation Warnings Fixup Mon, 03 Oct 2011 11:28:42 GMT Dash Shendy [410d216] * src/gnutls_cache.c (modified) * src/gnutls_hooks.c (modified) Generate DH params instead of using the static ones Mon, 26 Sep 2011 04:00:52 GMT Dash Shendy [b3eb741] * src/gnutls_hooks.c (modified) Removed Obselete static const int protocol_priority[] Mon, 26 Sep 2011 03:59:48 GMT Dash Shendy [0cfcbf3] * src/gnutls_hooks.c (modified) Removed DEBUGLOG Mon, 26 Sep 2011 03:57:38 GMT Dash Shendy [b7098b2] * src/gnutls_hooks.c (modified) ServerAlias Directive Fix (For Apache 2.0.x) Mon, 26 Sep 2011 03:48:04 GMT Dash Shendy [8581fac] * src/gnutls_hooks.c (modified) Compilation Errors Fixup Mon, 26 Sep 2011 03:41:30 GMT Dash Shendy [8764d0d] * src/gnutls_hooks.c (modified) ServerAlias Directive Fix Mon, 26 Sep 2011 01:39:45 GMT Dash Shendy [d2ee1a1] * src/gnutls_hooks.c (modified) Removed obselete function ... Mon, 26 Sep 2011 01:32:57 GMT Dash Shendy [cf10d49] * src/gnutls_hooks.c (modified) Added new definition for function cert_retrieve_fn() Mon, 26 Sep 2011 01:25:50 GMT Dash Shendy [d0be765] * src/gnutls_hooks.c (modified) Added some comments Mon, 26 Sep 2011 01:15:02 GMT Dash Shendy [9180a60] * src/gnutls_hooks.c (modified) Applied New Functions Patch from Nikos Tue, 20 Sep 2011 03:58:43 GMT Dash Shendy [e183628] * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) Updated Copyright Headers & Formatting Fri, 08 Jul 2011 21:04:16 GMT Dash Shendy [60cf11c] * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Proxy (TLS termination) patch Signed-off-by: Dash Shendy ... Tue, 16 Nov 2010 14:05:30 GMT Nikos Mavrogiannopoulos [b59327c] * NEWS (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) GnuTLSCache can now take a single argument (none). Mon, 25 Oct 2010 19:21:04 GMT Nikos Mavrogiannopoulos [e02dd8c] * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/gnutls_lua.c (modified) * src/mod_gnutls.c (modified) indented code Wed, 18 Aug 2010 18:41:36 GMT Nikos Mavrogiannopoulos [368b574] * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Safer usage of session variable to prevent segmentation faults on ... Fri, 02 Jul 2010 13:15:52 GMT Nikos Mavrogiannopoulos [7fec961] * src/gnutls_hooks.c (modified) Depend on libgnutls for the activation and expiration time checks. Thu, 01 Jul 2010 01:09:56 GMT Nikos Mavrogiannopoulos [ae233c2] * NEWS (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Added option to turn on/off session tickets. Wed, 30 Jun 2010 20:18:48 GMT Nikos Mavrogiannopoulos [3928f79] * src/gnutls_hooks.c (modified) More libgcrypt fixes. Wed, 30 Jun 2010 18:16:35 GMT Nikos Mavrogiannopoulos [0499540] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) Use libgcrypt calls only if gnutls is older than 2.11.0 Sun, 27 Jun 2010 18:10:12 GMT Nikos Mavrogiannopoulos [8e98518] * src/gnutls_hooks.c (modified) properly initialize variable. Sun, 27 Jun 2010 17:55:53 GMT Nikos Mavrogiannopoulos [ed07ddf] * src/gnutls_hooks.c (modified) Added support for session tickets. Mon, 20 Jul 2009 21:08:39 GMT Nokis Mavrogiannopoulos [67101aa] * src/gnutls_hooks.c (modified) Applied patch of jmdesp that allows certificate lists by client. Tue, 30 Jun 2009 18:42:11 GMT Nokis Mavrogiannopoulos [c38a4e9] * src/gnutls_hooks.c (modified) Avoid requesting certificate from client when we already have it. ... Tue, 30 Jun 2009 18:37:28 GMT Nokis Mavrogiannopoulos [1c90c18] * src/gnutls_hooks.c (modified) Applied patch by AlainKnaff to correctly verify certificates per ... Tue, 30 Jun 2009 18:14:23 GMT Nokis Mavrogiannopoulos [377a900] * src/gnutls_hooks.c (modified) set srp username to empty string. Solves ... Tue, 30 Jun 2009 18:02:38 GMT Nokis Mavrogiannopoulos [f7a7d66] * src/gnutls_hooks.c (modified) Allow openpgp certificates that have infinite expiration time. ... Sun, 04 Jan 2009 15:52:40 GMT Nokis Mavrogiannopoulos [56f3628] * src/gnutls_hooks.c (modified) Added patch to fix issue with mod_proxy. Investigation and patch by ... Sun, 02 Nov 2008 13:22:51 GMT Nokis Mavrogiannopoulos [1a53be1] * src/gnutls_hooks.c (modified) APLOG_EMERG was replaced with APLOG_STARTUP for startup messages. Wed, 01 Oct 2008 16:06:35 GMT Nokis Mavrogiannopoulos [52149ee] * src/gnutls_hooks.c (modified) Allow openpgp-only sites