source: mod_gnutls/src/gnutls_ocsp.c

Revision Log Mode:


Legend:

Added
Modified
Copied or renamed
Diff Rev Age Author Log Message
(edit) @c39ae1a   3 years thomas2.klute Initialize OCSP timeouts with an "unset" value The configuration … debian/masterdebian/stretch-backportsupstream
(edit) @ef107fd   3 years thomas2.klute Remove TODO for OCSP requests without nonces Ideally all OCSP … debian/masterdebian/stretch-backportsupstream
(edit) @333bbc7   3 years thomas2.klute Configurable OCSP socket timeout Stalled OCSP requests must time out … debian/masterdebian/stretch-backportsupstream
(edit) @c6dda6d   3 years thomas2.klute Rate limit OCSP requests Retries after failed OCSP requests must be … debian/masterdebian/stretch-backportsupstream
(edit) @3f0b470   3 years thomas2.klute Macro for the OCSP socket timeout debian/masterdebian/stretch-backportsupstream
(edit) @8a0da86   3 years thomas2.klute Adjust log levels for OCSP cache updates debian/masterdebian/stretch-backportsupstream
(edit) @f1147b6   3 years thomas2.klute OCSP post config: Ensure OCSP URI or response file are set If the … debian/masterdebian/stretch-backportsupstream
(edit) @ef06c74   3 years thomas2.klute Compatibility code for GCC version < 5 The builtin_add_overflow() … debian/masterdebian/stretch-backportsupstream
(edit) @78b75b3   3 years thomas2.klute Restore GnuTLSOCSPResponseFile option Using an externally updated … debian/masterdebian/stretch-backportsupstream
(edit) @4d4a406   3 years thomas2.klute New config option: GnuTLSOCSPStapling This flag option … debian/masterdebian/stretch-backportsupstream
(edit) @894efd0   3 years thomas2.klute Check OCSP response nonce debian/masterdebian/stretch-backportsupstream
(edit) @82745d1   3 years thomas2.klute Fix memory usage issues * Use-after-free of the OCSP request in … debian/masterdebian/stretch-backportsupstream
(edit) @16ad0eb   3 years thomas2.klute Perform OCSP request over HTTP Finally the whole stack is there! … debian/masterdebian/stretch-backportsupstream
(edit) @47a909e   3 years thomas2.klute Create OCSP requests when updating the cached response Actually … debian/masterdebian/stretch-backportsupstream
(edit) @a372379   3 years thomas2.klute Store server certificate fingerprint in OCSP config It's not like … debian/masterdebian/stretch-backportsupstream
(edit) @cc74801   3 years thomas2.klute Move generated vhost-wide OCSP config into a private structure debian/masterdebian/stretch-backportsupstream
(edit) @5559aa6   3 years thomas2.klute Rely on cache for OCSP response expiration With fixed DBM cache … debian/masterdebian/stretch-backportsupstream
(edit) @d6834e0   3 years thomas2.klute OCSP refresh mutex: Prevent parallel requests Add a global mutex … debian/masterdebian/stretch-backportsupstream
(edit) @e809fb3   3 years thomas2.klute Use generic cache functions for OCSP response caching With this, OCSP … debian/masterdebian/stretch-backportsupstream
(edit) @70a1e5a   3 years thomas2.klute Introduce OCSP caching grace time A cached OCSP response must be … debian/masterdebian/stretch-backportsupstream
(edit) @d18afb8   3 years thomas2.klute Ensure that dbm_cache_fetch() does not return expired data The cache … debian/masterdebian/stretch-backportsupstream
(edit) @c6572ec   3 years thomas2.klute Apply default cache timeout to OCSP responses without nextUpdate debian/masterdebian/stretch-backportsupstream
(edit) @eb63377   4 years thomas2.klute Check only expiration time for OCSP responses from cache Responses … debian/masterdebian/stretch-backportsupstream
(edit) @366d1a1   4 years thomas2.klute Use nextUpdate field of OCSP response to set cache lifetime debian/masterdebian/stretch-backportsupstream
(edit) @08817d0   4 years thomas2.klute Check OCSP response before caching Only verified responses should be … debian/masterdebian/stretch-backportsupstream
(edit) @368e581   4 years thomas2.klute Update OCSP response cache only if response is missing or invalid … debian/masterdebian/stretch-backportsupstream
(edit) @4bf4ce2   4 years thomas2.klute Use GCC builtins to catch overflows with mixed integer types … debian/masterdebian/stretch-backportsupstream
(edit) @6b4136c   4 years thomas2.klute Store OCSP responses in DBM cache before use This is not proper … debian/masterdebian/stretch-backportsupstream
(edit) @fd6bb19   4 years thomas2.klute Extract OCSP access URI from the server certificate debian/masterdebian/stretch-backportsupstream
(edit) @4ae7810   4 years thomas2.klute Log port along with hostname if OCSP trust list initialization fails debian/masterdebian/stretch-backportsupstream
(edit) @68ce93c   4 years thomas2.klute Rearrange mgs_get_ocsp_response() for readability debian/masterdebian/stretch-backportsupstream
(edit) @fad7695   4 years thomas2.klute Store OCSP trust list in server config This avoids recreating the … debian/masterdebian/stretch-backportsupstream
(edit) @2a1ffd6   4 years thomas2.klute Move trust list generation for OCSP to a separate function The new … debian/masterdebian/stretch-backportsupstream
(edit) @d35b98e   4 years thomas2.klute Check OCSP response and staple it only if good debian/masterdebian/stretch-backportsupstream
(add) @94cb972   4 years thomas2.klute Minimal OCSP stapling implementation using externally provided … debian/masterdebian/stretch-backportsupstream
Note: See TracRevisionLog for help on using the revision log.