|
|
@b4739cd
|
7 years |
dkg |
display some information in mod_status
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@b55bf71
|
7 years |
dkg |
accept the e-mail address in the cert Subject if no sAN e-mail is present
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@a01f8ab
|
7 years |
dkg |
upgrade to libmsv 0.1 API
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@832182b
|
7 years |
dkg |
extracting the user ID from a certificate cleanly.
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@5c0d491
|
7 years |
dkg |
MSVA: successful communication between apache and the agent
This is …
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@07889ab
|
7 years |
dkg |
MSVA: some initial framework
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@cf2b905
|
7 years |
dkg |
MSVA: document and parse GnuTLSClientVerifyMethod directive
The …
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@6bb2474
|
8 years |
dkg |
Changed Default Export Of Full PEM Certificates To FALSE
This matches …
asynciodebian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
|
|
|
@b1c2b01
|
8 years |
dkg |
avoid a segfault if no X.509 certificates are present during vhost_cb
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@7d1ab49
|
8 years |
dkg |
restore GnuTLSExportCertificate directive
It looks to me like this …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@c0dd3ab
|
8 years |
dkg |
avoid invoking gnutls_transport_get_ptr on a NULL session
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@b668622
|
8 years |
dkg |
Do not override the configured GnuTLS priority string.
This fixes …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@8985a6b
|
8 years |
dkg |
allow certificate use for clients without SNI
The test removed here …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@9ecd212
|
8 years |
dkg |
avoid embedding extra/unnecessary newlines in logs
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@932b68e
|
8 years |
dkg |
Check for the version of GnuTLS we built against
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@cb5188f
|
8 years |
dkg |
fatal library initialization error logs should be at APLOG_EMERG
…
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@421ef1c
|
8 years |
dkg |
deal responsibly with grave failures in pre_config hook
If a …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@040387c
|
8 years |
dkg |
server-wide settings should be defaults unless overridden in a vhost
…
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@369f47a
|
8 years |
dkg |
avoid calling gnutls_srp_server_get_username() unless SRP is configured
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@b8df283
|
8 years |
dkg |
use gnutls_datum_t instead of the deprecated gnutls_datum
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@2b76a9c
|
8 years |
dkg |
X.509 certificates are ordered EE first (see …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@6055aff
|
8 years |
dkg |
warn if the server hostname cannot be found in the certificate
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@e2b936e
|
8 years |
dkg |
no longer using first_run since 31645b2ad; remove it
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@3b4c0d0
|
8 years |
neuromancer |
* Added Comments to Header Structures
* Refactored the following: …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@cb60afc
|
8 years |
neuromancer |
Bugfix: check_server_aliases()
Signed-off-by: Dash Shendy …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@e3d36c7
|
8 years |
neuromancer |
Fixed conditional ServerAlias? names' & wildcards' matching
…
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@14d718f
|
8 years |
neuromancer |
Added support for wildcards in ServerAlias? configuration directive
…
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@9ee0464
|
8 years |
neuromancer |
Compilation Errors Cleanup
Signed-off-by: Dash Shendy …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@37f8282
|
9 years |
neuromancer |
mod_proxy support continued
Signed-off-by: Dash Shendy …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@33826c5
|
9 years |
neuromancer |
mod_proxy support
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@da8c2fe
|
9 years |
neuromancer |
Debug logging fix up
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@74f798f
|
9 years |
neuromancer |
Added Debug logging and user warning for not spec. DH Params
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@fe42bfb
|
9 years |
neuromancer |
Compilation Warnings Fixup
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@410d216
|
9 years |
neuromancer |
Generate DH params instead of using the static ones
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@b3eb741
|
9 years |
neuromancer |
Removed Obselete static const int protocol_priority[]
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@0cfcbf3
|
9 years |
neuromancer |
Removed DEBUGLOG
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@b7098b2
|
9 years |
neuromancer |
ServerAlias? Directive Fix (For Apache 2.0.x)
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@8581fac
|
9 years |
neuromancer |
Compilation Errors Fixup
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@8764d0d
|
9 years |
neuromancer |
ServerAlias? Directive Fix
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@d2ee1a1
|
9 years |
neuromancer |
Removed obselete function gnutls_certificate_server_set_retrieve_function()
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@cf10d49
|
9 years |
neuromancer |
Added new definition for function cert_retrieve_fn()
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@d0be765
|
9 years |
neuromancer |
Added some comments
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@9180a60
|
9 years |
neuromancer |
Applied New Functions Patch from Nikos
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@e183628
|
9 years |
neuromancer |
Updated Copyright Headers & Formatting
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@60cf11c
|
10 years |
neuromancer |
Proxy (TLS termination) patch
Signed-off-by: Dash Shendy …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@b59327c
|
10 years |
nmav |
GnuTLSCache can now take a single argument (none).
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@e02dd8c
|
10 years |
nmav |
indented code
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@368b574
|
10 years |
nmav |
Safer usage of session variable to prevent segmentation faults on …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@7fec961
|
11 years |
nmav |
Depend on libgnutls for the activation and expiration time checks.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@ae233c2
|
11 years |
nmav |
Added option to turn on/off session tickets.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@3928f79
|
11 years |
nmav |
More libgcrypt fixes.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@0499540
|
11 years |
nmav |
Use libgcrypt calls only if gnutls is older than 2.11.0
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@8e98518
|
11 years |
nmav |
properly initialize variable.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@ed07ddf
|
11 years |
nmav |
Added support for session tickets.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@67101aa
|
12 years |
nmav |
Applied patch of jmdesp that allows certificate lists by client.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@c38a4e9
|
12 years |
nmav |
Avoid requesting certificate from client when we already have it. …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@1c90c18
|
12 years |
nmav |
Applied patch by AlainKnaff? to correctly verify certificates per …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@377a900
|
12 years |
nmav |
set srp username to empty string. Solves …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@f7a7d66
|
12 years |
nmav |
Allow openpgp certificates that have infinite expiration time. …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@56f3628
|
12 years |
nmav |
Added patch to fix issue with mod_proxy. Investigation and patch by …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@1a53be1
|
12 years |
nmav |
APLOG_EMERG was replaced with APLOG_STARTUP for startup messages.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@52149ee
|
12 years |
nmav |
Allow openpgp-only sites
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@a208cd3
|
12 years |
nmav |
better logging
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@26b08fd
|
12 years |
nmav |
updated README file to account for openpgp keys --patch by Jack Bates
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@df34f08
|
12 years |
nmav |
added check for invalid context
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@1897a1c
|
13 years |
nmav |
depend on main libgnutls library (and gnutls 2.4.x)
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@787dab7
|
13 years |
nmav |
added option to disable srp (for distributions that disable it in gnutls)
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@f548f15
|
13 years |
nmav |
prepare for an alpha release
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@e6f648a
|
13 years |
nmav |
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@2b3a248b
|
13 years |
nmav |
more changes for openpgp support. Seems to be at a workable state.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@8bd529f
|
13 years |
nmav |
print error if preconfiguration fails
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@e5bbda4
|
13 years |
nmav |
Initial support for openpgp keys
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@619953c
|
13 years |
nmav |
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@25dad18
|
13 years |
nmav |
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@ae4a2b0
|
13 years |
nmav |
Corrected bug which did not allow the TLS session cache to be used.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@5e81262
|
13 years |
nmav |
Added support for sending more than one certificate.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@b077bdd
|
13 years |
nmav |
added more error checks.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@a3c97d1
|
13 years |
nmav |
better handling of RSAFile and DHFile
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@2226711
|
13 years |
nmav |
report the missing GnuTLSPriorities for the gnutls enabled hosts only.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@e239d1a
|
13 years |
nmav |
No more defaults for dhparams, rsaparams. Check for GnuTLSPriorities.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@ea470be
|
13 years |
nmav |
The compatibility mode can now be enabled only using the …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@af4998e
|
13 years |
nmav |
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@36736d4
|
13 years |
nmav |
added SSL_SERVER/CLIENT_S_TYPE
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@a5dc815
|
13 years |
nmav |
export the alternative names of the certificate
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@ee65fcb
|
13 years |
nmav |
added SSL_SERVER_M_SERIAL environment variable
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@717206c
|
13 years |
nmav |
more fixes for subject alternative name.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@41f7031
|
13 years |
nmav |
some fixes in alternative name support
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@fd73a08
|
13 years |
nmav |
Added support for subject alternative names. (untested)
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@7bebb42
|
13 years |
nmav |
upgraded to 0.4.0
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@836c2f9
|
16 years |
chip |
start the CA Certificate code.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@84cb5b2
|
16 years |
chip |
- add lua to do client verification
- only use gcrypt locking when …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@836417f
|
16 years |
chip |
Refactor finding the correct server record to fix resumed sessions.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@38435cc
|
16 years |
chip |
apr_table_setn doesn't copy the data. oops.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@2ad3683
|
16 years |
chip |
We already have a Certificate, use it directly. With SNI, GnuTLS …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@46e3920
|
16 years |
chip |
if there aren't any certs.. still set something.
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@7ba803b
|
16 years |
chip |
add SSL_SERVER_S_DN and SSL_SERVER_I_DN
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|
|
|
@c301152
|
16 years |
chip |
- move hooks to gnutls_hooks.c
- use 'mgs_' as the prefix for all …
asynciodebian/masterdebian/stretch-backportsjessie-backportsmsvaproxy-ticketupstream
|