# # ChangeLog for src in mod_gnutls # # Generated by Trac 1.2 # Mar 7, 2021, 12:25:30 PM Wed, 15 Jun 2016 17:32:14 GMT Thomas Klute [81433f1] * src/gnutls_config.c (modified) Reformat mgs_load_files() This commit changes only whitespace and ... Wed, 15 Jun 2016 17:32:14 GMT Thomas Klute [e2ba939] * src/gnutls_config.c (modified) Prevent memory leaks in post_conf hook Valgrind indicated memory ... Tue, 14 Jun 2016 20:57:36 GMT Thomas Klute [894efd0] * src/gnutls_ocsp.c (modified) Check OCSP response nonce Tue, 14 Jun 2016 19:38:18 GMT Thomas Klute [82745d1] * src/gnutls_ocsp.c (modified) Fix memory usage issues * Use-after-free of the OCSP request in ... Tue, 14 Jun 2016 18:40:13 GMT Thomas Klute [16ad0eb] * src/Makefile.am (modified) * src/gnutls_ocsp.c (modified) * src/gnutls_util.c (added) * src/gnutls_util.h (added) Perform OCSP request over HTTP Finally the whole stack is there! ... Sat, 11 Jun 2016 23:03:01 GMT Thomas Klute [0831437] * src/gnutls_cache.c (modified) * src/gnutls_cache.h (modified) Clarify the purpose of mgs_time2sz() I've renamed the CTIME macro ... Sat, 11 Jun 2016 20:44:52 GMT Thomas Klute [47a909e] * src/gnutls_ocsp.c (modified) Create OCSP requests when updating the cached response Actually ... Sat, 11 Jun 2016 00:26:50 GMT Thomas Klute [a372379] * src/gnutls_ocsp.c (modified) * src/gnutls_ocsp.h (modified) Store server certificate fingerprint in OCSP config It's not like ... Sat, 11 Jun 2016 00:19:20 GMT Thomas Klute [cc74801e] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_ocsp.c (modified) * src/gnutls_ocsp.h (modified) Move generated vhost-wide OCSP config into a private structure Fri, 10 Jun 2016 23:39:34 GMT Thomas Klute [5559aa6] * src/gnutls_ocsp.c (modified) Rely on cache for OCSP response expiration With fixed DBM cache ... Fri, 10 Jun 2016 23:30:12 GMT Thomas Klute [11e6205] * src/gnutls_cache.c (modified) dbm_cache_fetch(): Clear data size on allocation failure Memory ... Fri, 10 Jun 2016 19:14:51 GMT Thomas Klute [b2e6406] * src/gnutls_io.c (modified) Safe integer type conversion in mgs_filter_input() Read sizes ... Fri, 10 Jun 2016 16:46:02 GMT Thomas Klute [15b22cb] * src/mod_gnutls.c (modified) Allow compiling with clang Needs just a minimal workaround for an ... Fri, 10 Jun 2016 13:34:08 GMT Thomas Klute [d6834e0] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_ocsp.c (modified) * src/gnutls_ocsp.h (modified) OCSP refresh mutex: Prevent parallel requests Add a global mutex ... Fri, 10 Jun 2016 08:16:48 GMT Thomas Klute [aa68232] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_cache.h (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Move global cache mutex into the private cache struct Thu, 09 Jun 2016 23:52:23 GMT Thomas Klute [e809fb3] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_cache.h (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_ocsp.c (modified) Use generic cache functions for OCSP response caching With this, ... Thu, 09 Jun 2016 23:09:22 GMT Thomas Klute [3e22b82] * src/gnutls_cache.c (modified) * src/gnutls_cache.h (modified) Add generic store/fetch support to the memcached cache Required to ... Thu, 09 Jun 2016 21:08:30 GMT Thomas Klute [70a1e5a] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_ocsp.c (modified) * src/mod_gnutls.c (modified) Introduce OCSP caching grace time A cached OCSP response must be ... Thu, 09 Jun 2016 18:50:43 GMT Thomas Klute [f450ac9] * src/gnutls_cache.c (modified) * src/gnutls_cache.h (modified) * src/gnutls_hooks.c (modified) Replace mgs_session_id2sz() with apr_(p?)escape_hex() There's no ... Thu, 09 Jun 2016 16:33:30 GMT Thomas Klute [d18afb8] * src/gnutls_cache.c (modified) * src/gnutls_ocsp.c (modified) Ensure that dbm_cache_fetch() does not return expired data The ... Wed, 08 Jun 2016 21:58:24 GMT Thomas Klute [c6572ec] * src/gnutls_ocsp.c (modified) Apply default cache timeout to OCSP responses without nextUpdate Wed, 08 Jun 2016 21:24:15 GMT Thomas Klute [c55902b] * src/gnutls_cache.c (modified) Trigger cache expiration on fetch, small restructuring In a ... Wed, 08 Jun 2016 19:31:29 GMT Thomas Klute [c005645] * doc/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_cache.h (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Mutex for DBM cache access I noticed that with a DBM cache enabled ... Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [eb63377] * src/gnutls_ocsp.c (modified) Check only expiration time for OCSP responses from cache Responses ... Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [366d1a1] * src/gnutls_ocsp.c (modified) Use nextUpdate field of OCSP response to set cache lifetime Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [08817d0] * src/gnutls_ocsp.c (modified) Check OCSP response before caching Only verified responses should ... Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [368e581] * src/gnutls_ocsp.c (modified) Update OCSP response cache only if response is missing or invalid ... Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [4bf4ce2] * README (modified) * src/gnutls_ocsp.c (modified) Use GCC builtins to catch overflows with mixed integer types ... Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [6b4136c] * src/gnutls_cache.c (modified) * src/gnutls_cache.h (modified) * src/gnutls_ocsp.c (modified) Store OCSP responses in DBM cache before use This is not proper ... Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [2f932fa] * src/gnutls_cache.c (modified) Use gnutls_datum_t to pass DBM keys for GnuTLS sessions The APR ... Sun, 05 Jun 2016 19:42:32 GMT Thomas Klute [6814e48] * src/gnutls_cache.c (modified) Explain the different signatures of the dbm_cache functions Sun, 05 Jun 2016 19:42:31 GMT Thomas Klute [15245bf] * src/gnutls_cache.c (modified) Split dbm_cache_fetch() in generic and GnuTLS session specific parts ... Sun, 05 Jun 2016 19:42:31 GMT Thomas Klute [1d1361f] * src/gnutls_cache.c (modified) Make dbm_cache_store() work outside connection context Sun, 05 Jun 2016 19:42:31 GMT Thomas Klute [ae08186] * src/gnutls_cache.c (modified) DBM cache: Separate session caching and generic store operation Sun, 05 Jun 2016 19:42:31 GMT Thomas Klute [f785704] * src/gnutls_cache.c (modified) Make dbm_cache_expire() work outside connection context DBM cache ... Fri, 03 Jun 2016 22:49:21 GMT Thomas Klute [04e6e65] * include/mod_gnutls.h.in (modified) * src/Makefile.am (modified) * src/gnutls_cache.c (modified) * src/gnutls_cache.h (added) * src/gnutls_hooks.c (modified) Move declarations of cache-related functions to a dedicated header ... Fri, 03 Jun 2016 19:09:41 GMT Thomas Klute [7511bfa] * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Use ap_log_cerror() instead of ap_log_error() where reasonable ... Fri, 03 Jun 2016 19:01:26 GMT Thomas Klute [8913410] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) Update copyright headers Fri, 03 Jun 2016 18:31:56 GMT Thomas Klute [c3ad933] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) Remove stale support code for Apache versions before 2.2 Fri, 03 Jun 2016 14:08:29 GMT Thomas Klute [fd6bb19] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_ocsp.c (modified) * src/gnutls_ocsp.h (modified) Extract OCSP access URI from the server certificate Wed, 01 Jun 2016 17:01:20 GMT Thomas Klute [4ae7810] * src/gnutls_ocsp.c (modified) Log port along with hostname if OCSP trust list initialization fails Wed, 01 Jun 2016 16:41:29 GMT Thomas Klute [68ce93c] * src/gnutls_ocsp.c (modified) Rearrange mgs_get_ocsp_response() for readability Wed, 01 Jun 2016 16:20:12 GMT Thomas Klute [fad7695] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_ocsp.c (modified) * src/gnutls_ocsp.h (modified) Store OCSP trust list in server config This avoids recreating the ... Tue, 31 May 2016 22:00:31 GMT Thomas Klute [64856fd] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) Get rid of exit(-1) calls in mgs_hook_post_config() This allows the ... Tue, 31 May 2016 17:12:53 GMT Thomas Klute [2a1ffd6] * src/gnutls_ocsp.c (modified) * src/gnutls_ocsp.h (modified) Move trust list generation for OCSP to a separate function The new ... Mon, 30 May 2016 21:21:21 GMT Thomas Klute [d35b98e] * src/gnutls_ocsp.c (modified) Check OCSP response and staple it only if good Sun, 29 May 2016 22:06:59 GMT Thomas Klute [94cb972] * include/mod_gnutls.h.in (modified) * src/Makefile.am (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_ocsp.c (added) * src/gnutls_ocsp.h (added) * src/mod_gnutls.c (modified) * test/runtests (modified) * test/test-27_OCSP_server.bash (modified) * test/tests/27_OCSP_server/apache.conf (modified) Minimal OCSP stapling implementation using externally provided ... Fri, 27 May 2016 20:07:24 GMT Thomas Klute [0bda20f] * Makefile.am (modified) * configure.ac (modified) * m4/apache.m4 (modified) * src/Makefile.am (modified) * test/Makefile.am (modified) Make "make distcheck" work This requires strict DIST/DISTCLEAN ... Fri, 27 May 2016 18:56:21 GMT Thomas Klute [eb34ac4] * src/Makefile.am (modified) * test/base_apache.conf (modified) Let Automake handle module installation Using a custom pkglib ... Fri, 27 May 2016 16:26:15 GMT Thomas Klute [19f2719] * src/gnutls_io.c (modified) Update comments and formating in push/pull functions Fri, 27 May 2016 16:11:32 GMT Thomas Klute [a9fa300] * src/gnutls_io.c (modified) Set GnuTLS session errno on all error paths in mgs_transport_read() Thu, 26 May 2016 22:00:16 GMT Thomas Klute [6868585] * src/gnutls_io.c (modified) Remove unnecessary session pointer check The transport functions ... Thu, 26 May 2016 21:09:31 GMT Thomas Klute [be41ee4] * src/gnutls_io.c (modified) Set GnuTLS session errno on errors in mgs_transport_write() Sunil ... Thu, 11 Feb 2016 19:48:07 GMT Thomas Klute [8ac7c0d] * configure.ac (modified) * src/mod_gnutls.c (modified) * test/Makefile.am (modified) * test/README (modified) * test/test-26_HTTPS_server_var.bash (added) * test/tests/26_HTTPS_server_var/apache.conf (added) * test/tests/Makefile.am (modified) Register "ssl_is_https" function for compatibility with mod_rewrite ... Wed, 27 Jan 2016 17:30:40 GMT Thomas Klute [bc539d5] * src/gnutls_hooks.c (modified) * test/tests/16_view-status/output (modified) Implement short message for mod_status reports Until now the flags ... Wed, 27 Jan 2016 06:35:28 GMT Thomas Klute [600cf16] * src/gnutls_hooks.c (modified) mgs_status_hook: Remove code for GnuTLS versions < 3 mod_gnutls ... Sat, 21 Nov 2015 14:16:00 GMT Thomas Klute [73b0bf0] * src/gnutls_io.c (modified) mgs_filter_input: Use APR_STATUS_IS macros instead of integer comparison Sat, 21 Nov 2015 00:44:24 GMT Thomas Klute [a2368a4] * src/gnutls_hooks.c (modified) Use TLS session cleanup hook for all connection pools If a TLS ... Sat, 21 Nov 2015 00:37:15 GMT Thomas Klute [2ceb836] * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Update log messages on session termination (cleanup_gnutls_session, ... Wed, 18 Nov 2015 19:39:08 GMT Thomas Klute [401a0de] * src/gnutls_io.c (modified) Close TLS session on EOF in input filter If the input filter ... Thu, 12 Nov 2015 02:10:35 GMT Thomas Klute [f5a36ee] * src/gnutls_io.c (modified) Pass EAGAIN/EINTR from gnutls_io_input_read to input filter ... Thu, 12 Nov 2015 01:34:01 GMT Thomas Klute [02a6a18] * src/gnutls_io.c (modified) gnutls_io.c: Don't mix EAGAIN and EINTR in mgs_transport_read ... Fri, 18 Sep 2015 23:45:20 GMT Thomas Klute [dff03fa] * configure.ac (modified) * src/gnutls_hooks.c (modified) Configure C99 mode Variable declarations in for loops improve code ... Fri, 18 Sep 2015 23:12:16 GMT Thomas Klute [9ca1f21] * doc/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Allow loading more than one PKCS #11 module using GnuTLSP11Module ... Thu, 17 Sep 2015 20:50:11 GMT Thomas Klute [88df24d] * src/mod_gnutls.c (modified) Replace "SSL" with "TLS" in config directive descriptions Thu, 17 Sep 2015 20:25:07 GMT Thomas Klute [176047e] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/mod_gnutls.c (modified) Use AP_INIT_FLAG for On/Off config directives Letting the Apache ... Thu, 17 Sep 2015 19:48:54 GMT Thomas Klute [7764015] * doc/mod_gnutls_manual.mdwn (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Update GnuTLSP11Module documentation for stricter semantics Wed, 16 Sep 2015 18:39:51 GMT Thomas Klute [746e993] * src/gnutls_hooks.c (modified) Formatting fix for PKCS #11 module loading Wed, 16 Sep 2015 18:37:11 GMT Thomas Klute [f21d2a6] * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Changed the semantics of GnuTLSP11Module That setting instructs ... Sun, 09 Aug 2015 21:56:58 GMT Thomas Klute [efd3cfe] * src/gnutls_hooks.c (modified) Whitespace fix in gnutls_hooks.c Sun, 09 Aug 2015 21:49:12 GMT Thomas Klute [99f8375] * src/gnutls_hooks.c (modified) Ensure safe defaults during client verification Initialize the ... Sun, 12 Jul 2015 18:26:09 GMT Thomas Klute [dfd5837] * src/gnutls_io.c (modified) Log possible error messages from gnutls_bye Sat, 11 Jul 2015 11:52:04 GMT Thomas Klute [ee687ab] * README (modified) * src/Makefile.am (modified) Update README and post-install documentation hint Mon, 29 Jun 2015 16:12:11 GMT Thomas Klute [e021722] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Update copyright headers for Nikos Mavrogiannopoulos' PKCS #11 patch ... Sat, 27 Jun 2015 17:09:27 GMT Thomas Klute [e391197] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) Update copyright headers for C source Wed, 03 Jun 2015 05:48:15 GMT Thomas Klute [a2e3c33] * doc/mod_gnutls_manual.mdwn (modified) * src/gnutls_config.c (modified) * src/mod_gnutls.c (modified) * test/tests/19_TLS_reverse_proxy/apache.conf (modified) * test/tests/20_TLS_reverse_proxy_client_auth/apache.conf (modified) * test/tests/21_TLS_reverse_proxy_wrong_cert/apache.conf (modified) * test/tests/22_TLS_reverse_proxy_crl_revoke/apache.conf (modified) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/apache.conf (modified) Rename option SSLProxyEngine to GnuTLSProxyEngine This matches the ... Fri, 15 May 2015 07:01:35 GMT Thomas Klute [e765670] * src/gnutls_cache.c (modified) Fix signature of mgs_cache_child_init when building without ... Sat, 09 May 2015 00:40:02 GMT Thomas Klute [87f1ed2] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Allow loading of an additional PKCS #11 provider library When using ... Tue, 21 Apr 2015 13:08:00 GMT Thomas Klute [4133f2d] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Unify argument handling in mgs_set_priorities Just store the ... Tue, 21 Apr 2015 12:09:54 GMT Thomas Klute [2cde026d] * README (modified) * docs/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Merge branch 'new-gnutls-api' Merge my TLS proxy implementation ... Thu, 16 Apr 2015 10:46:36 GMT Thomas Klute [73f6f12] * src/gnutls_io.c (modified) Check handshake result before logging "TLS connection opened" ... Thu, 09 Apr 2015 17:02:39 GMT Thomas Klute [f030883] * docs/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) * test/Makefile.am (modified) * test/test-23_TLS_reverse_proxy_mismatched_priorities.bash (added) * test/tests/19_TLS_reverse_proxy/apache.conf (modified) * test/tests/20_TLS_reverse_proxy_client_auth/apache.conf (modified) * test/tests/21_TLS_reverse_proxy_wrong_cert/apache.conf (modified) * test/tests/22_TLS_reverse_proxy_crl_revoke/apache.conf (modified) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/apache.conf (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/backend.conf (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/gnutls-cli.args (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/input (added) * test/tests/23_TLS_reverse_proxy_mismatched_priorities/output (added) Set GnuTLS priorities for proxy connections separately Until now, ... Tue, 07 Apr 2015 16:28:40 GMT Thomas Klute [d04f7da] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Version guards for gnutls_privkey_import_openpgp_raw workaround The ... Tue, 07 Apr 2015 09:13:59 GMT Thomas Klute [8b472af] * src/gnutls_hooks.c (modified) * test/tests/19_TLS_reverse_proxy/apache.conf (modified) * test/tests/20_TLS_reverse_proxy_client_auth/apache.conf (modified) * test/tests/21_TLS_reverse_proxy_wrong_cert/apache.conf (modified) * test/tests/22_TLS_reverse_proxy_crl_revoke/apache.conf (modified) Use server root for file paths in TLS proxy config This is what ... Sun, 05 Apr 2015 22:20:59 GMT Thomas Klute [2cde8111] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) Workarounds for OpenPGP key handling Commit ... Sat, 04 Apr 2015 21:17:18 GMT Thomas Klute [01b5d85] * src/gnutls_hooks.c (modified) * test/Makefile.am (modified) * test/runtests (modified) * test/test-18_client_verification_wrong_cert.bash (added) * test/tests/18_client_verification_wrong_cert/apache.conf (added) * test/tests/18_client_verification_wrong_cert/gnutls-cli.args (added) * test/tests/18_client_verification_wrong_cert/input (added) * test/tests/18_client_verification_wrong_cert/output (added) Merge branch 'client-verify-fix' into new-gnutls-api Merge the fix ... Sat, 04 Apr 2015 21:03:43 GMT Thomas Klute [c4a015b] * Makefile.am (modified) * README (modified) * configure.ac (modified) * include/mod_gnutls.h.in (modified) * run_tests.sh (deleted) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) * t/newtest (deleted) * test/.gitignore (moved) * test/Makefile.am (added) * test/README (moved) * test/TestMakefile (moved) * test/authority.template.in (moved) * test/authority.uid (moved) * test/base_apache.conf (moved) * test/client.template.in (moved) * test/client.uid (moved) * test/data/dump.cgi (moved) * test/data/secret.txt (moved) * test/data/test.txt (moved) * test/imposter.template (moved) * test/imposter.uid (moved) * test/mime.types (moved) * test/newtest (added) * test/rogueca.template (moved) * test/rogueca.uid (moved) * test/runtests (moved) * test/server.template.in (moved) * test/server.uid.in (moved) * test/setup (moved) * test/test-00_basic.bash (added) * test/test-01_serverwide_priorities.bash (added) * test/test-02_cache_in_vhost.bash (added) * test/test-03_cachetimeout_in_vhost.bash (added) * test/test-04_basic_nosni.bash (added) * test/test-05_mismatched-priorities.bash (added) * test/test-06_verify_sni_a.bash (added) * test/test-07_verify_sni_b.bash (added) * test/test-08_verify_no_sni_fallback_to_first_vhost.bash (added) * test/test-09_verify_no_sni_fails_with_wrong_order.bash (added) * test/test-10_basic_client_verification.bash (added) * test/test-11_basic_client_verification_fail.bash (added) * test/test-12_cgi_variables.bash (added) * test/test-13_cgi_variables_no_client_cert.bash (added) * test/test-14_basic_openpgp.bash (added) * test/test-15_basic_msva.bash (added) * test/test-16_view-status.bash (added) * test/test-17_cgi_vars_large_cert.bash (added) * test/tests/00_basic/apache.conf (moved) * test/tests/00_basic/gnutls-cli.args (moved) * test/tests/00_basic/input (moved) * test/tests/00_basic/output (moved) * test/tests/01_serverwide_priorities/apache.conf (moved) * test/tests/01_serverwide_priorities/gnutls-cli.args (moved) * test/tests/01_serverwide_priorities/input (moved) * test/tests/01_serverwide_priorities/output (moved) * test/tests/02_cache_in_vhost/apache.conf (moved) * test/tests/02_cache_in_vhost/fail.server (moved) * test/tests/02_cache_in_vhost/gnutls-cli.args (moved) * test/tests/02_cache_in_vhost/input (moved) * test/tests/03_cachetimeout_in_vhost/apache.conf (moved) * test/tests/03_cachetimeout_in_vhost/fail.server (moved) * test/tests/03_cachetimeout_in_vhost/gnutls-cli.args (moved) * test/tests/03_cachetimeout_in_vhost/input (moved) * test/tests/04_basic_nosni/apache.conf (moved) * test/tests/04_basic_nosni/gnutls-cli.args (moved) * test/tests/04_basic_nosni/input (moved) * test/tests/04_basic_nosni/output (moved) * test/tests/05_mismatched-priorities/apache.conf (moved) * test/tests/05_mismatched-priorities/fail.client (moved) * test/tests/05_mismatched-priorities/gnutls-cli.args (moved) * test/tests/05_mismatched-priorities/input (moved) * test/tests/06_verify_sni_a/apache.conf (moved) * test/tests/06_verify_sni_a/gnutls-cli.args (moved) * test/tests/06_verify_sni_a/input (moved) * test/tests/06_verify_sni_a/output (moved) * test/tests/07_verify_sni_b/apache.conf (moved) * test/tests/07_verify_sni_b/gnutls-cli.args (moved) * test/tests/07_verify_sni_b/input (moved) * test/tests/07_verify_sni_b/output (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/apache.conf (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/gnutls-cli.args (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/input (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/output (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/apache.conf (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/fail.client (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/gnutls-cli.args (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/input (moved) * test/tests/10_basic_client_verification/apache.conf (moved) * test/tests/10_basic_client_verification/gnutls-cli.args (moved) * test/tests/10_basic_client_verification/input (moved) * test/tests/10_basic_client_verification/output (moved) * test/tests/11_basic_client_verification_fail/apache.conf (moved) * test/tests/11_basic_client_verification_fail/fail.client (moved) * test/tests/11_basic_client_verification_fail/gnutls-cli.args (moved) * test/tests/11_basic_client_verification_fail/input (moved) * test/tests/12_cgi_variables/apache.conf (moved) * test/tests/12_cgi_variables/gnutls-cli.args (moved) * test/tests/12_cgi_variables/input (moved) * test/tests/12_cgi_variables/output (moved) * test/tests/13_cgi_variables_no_client_cert/apache.conf (moved) * test/tests/13_cgi_variables_no_client_cert/gnutls-cli.args (moved) * test/tests/13_cgi_variables_no_client_cert/input (moved) * test/tests/13_cgi_variables_no_client_cert/output (moved) * test/tests/14_basic_openpgp/apache.conf (moved) * test/tests/14_basic_openpgp/gnutls-cli.args (moved) * test/tests/14_basic_openpgp/input (moved) * test/tests/14_basic_openpgp/output (moved) * test/tests/15_basic_msva/apache.conf (moved) * test/tests/15_basic_msva/gnutls-cli.args (moved) * test/tests/15_basic_msva/input (moved) * test/tests/15_basic_msva/output (moved) * test/tests/16_view-status/apache.conf (moved) * test/tests/16_view-status/gnutls-cli.args (moved) * test/tests/16_view-status/input (moved) * test/tests/16_view-status/output (moved) * test/tests/17_cgi_vars_large_cert/apache.conf (moved) * test/tests/17_cgi_vars_large_cert/gnutls-cli.args (moved) * test/tests/17_cgi_vars_large_cert/input (moved) * test/tests/17_cgi_vars_large_cert/output (moved) Merge branch 'split-testsuite' into new-gnutls-api OpenPGP support ... Sat, 04 Apr 2015 20:57:10 GMT Thomas Klute [259e835] * configure.ac (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) * t/Makefile (modified) * t/setup (modified) Merge branch 'master' into new-gnutls-api Branch 'master' at this ... Sat, 04 Apr 2015 20:44:24 GMT Thomas Klute [1d9cfaf] * src/gnutls_config.c (modified) gnutls_config.c: Backport function signature changes from master ... Fri, 03 Apr 2015 00:48:19 GMT Thomas Klute [809c422] * docs/mod_gnutls_manual.mdwn (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) TLS proxy: Add support for CRLs to back end server verification ... Thu, 02 Apr 2015 23:51:48 GMT Thomas Klute [bd24203] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) Explicitly build trust list for proxy connections This change ... Tue, 31 Mar 2015 10:12:22 GMT Thomas Klute [7d2123d] * src/gnutls_hooks.c (modified) Log errors while loading proxy certificate trust list The way the ... Thu, 19 Mar 2015 15:40:40 GMT Thomas Klute [6bbc00a] * src/gnutls_hooks.c (modified) Check hostname of proxy back end server against certificate ... Thu, 19 Mar 2015 12:27:45 GMT Thomas Klute [0de1839] * README (modified) * configure.ac (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Support X.509 auth for TLS proxy connections This commit adds ... Wed, 18 Feb 2015 11:33:37 GMT Thomas Klute [7314438] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) Fix whitespace problems detected by git Mon, 16 Feb 2015 16:17:07 GMT Thomas Klute [b324906] * Makefile.am (modified) * configure.ac (modified) * run_tests.sh (deleted) * src/gnutls_hooks.c (modified) * t/newtest (deleted) * test/.gitignore (moved) * test/Makefile.am (added) * test/README (moved) * test/TestMakefile (moved) * test/authority.template.in (moved) * test/authority.uid (moved) * test/base_apache.conf (moved) * test/client.template.in (moved) * test/client.uid (moved) * test/data/dump.cgi (moved) * test/data/secret.txt (moved) * test/data/test.txt (moved) * test/imposter.template (moved) * test/imposter.uid (moved) * test/mime.types (moved) * test/newtest (added) * test/rogueca.template (moved) * test/rogueca.uid (moved) * test/runtests (moved) * test/server.template.in (moved) * test/server.uid.in (moved) * test/setup (moved) * test/test-00_basic.bash (added) * test/test-01_serverwide_priorities.bash (added) * test/test-02_cache_in_vhost.bash (added) * test/test-03_cachetimeout_in_vhost.bash (added) * test/test-04_basic_nosni.bash (added) * test/test-05_mismatched-priorities.bash (added) * test/test-06_verify_sni_a.bash (added) * test/test-07_verify_sni_b.bash (added) * test/test-08_verify_no_sni_fallback_to_first_vhost.bash (added) * test/test-09_verify_no_sni_fails_with_wrong_order.bash (added) * test/test-10_basic_client_verification.bash (added) * test/test-11_basic_client_verification_fail.bash (added) * test/test-12_cgi_variables.bash (added) * test/test-13_cgi_variables_no_client_cert.bash (added) * test/test-14_basic_openpgp.bash (added) * test/test-15_basic_msva.bash (added) * test/test-16_view-status.bash (added) * test/test-17_cgi_vars_large_cert.bash (added) * test/test-18_client_verification_wrong_cert.bash (added) * test/tests/00_basic/apache.conf (moved) * test/tests/00_basic/gnutls-cli.args (moved) * test/tests/00_basic/input (moved) * test/tests/00_basic/output (moved) * test/tests/01_serverwide_priorities/apache.conf (moved) * test/tests/01_serverwide_priorities/gnutls-cli.args (moved) * test/tests/01_serverwide_priorities/input (moved) * test/tests/01_serverwide_priorities/output (moved) * test/tests/02_cache_in_vhost/apache.conf (moved) * test/tests/02_cache_in_vhost/fail.server (moved) * test/tests/02_cache_in_vhost/gnutls-cli.args (moved) * test/tests/02_cache_in_vhost/input (moved) * test/tests/03_cachetimeout_in_vhost/apache.conf (moved) * test/tests/03_cachetimeout_in_vhost/fail.server (moved) * test/tests/03_cachetimeout_in_vhost/gnutls-cli.args (moved) * test/tests/03_cachetimeout_in_vhost/input (moved) * test/tests/04_basic_nosni/apache.conf (moved) * test/tests/04_basic_nosni/gnutls-cli.args (moved) * test/tests/04_basic_nosni/input (moved) * test/tests/04_basic_nosni/output (moved) * test/tests/05_mismatched-priorities/apache.conf (moved) * test/tests/05_mismatched-priorities/fail.client (moved) * test/tests/05_mismatched-priorities/gnutls-cli.args (moved) * test/tests/05_mismatched-priorities/input (moved) * test/tests/06_verify_sni_a/apache.conf (moved) * test/tests/06_verify_sni_a/gnutls-cli.args (moved) * test/tests/06_verify_sni_a/input (moved) * test/tests/06_verify_sni_a/output (moved) * test/tests/07_verify_sni_b/apache.conf (moved) * test/tests/07_verify_sni_b/gnutls-cli.args (moved) * test/tests/07_verify_sni_b/input (moved) * test/tests/07_verify_sni_b/output (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/apache.conf (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/gnutls-cli.args (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/input (moved) * test/tests/08_verify_no_sni_fallback_to_first_vhost/output (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/apache.conf (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/fail.client (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/gnutls-cli.args (moved) * test/tests/09_verify_no_sni_fails_with_wrong_order/input (moved) * test/tests/10_basic_client_verification/apache.conf (moved) * test/tests/10_basic_client_verification/gnutls-cli.args (moved) * test/tests/10_basic_client_verification/input (moved) * test/tests/10_basic_client_verification/output (moved) * test/tests/11_basic_client_verification_fail/apache.conf (moved) * test/tests/11_basic_client_verification_fail/fail.client (moved) * test/tests/11_basic_client_verification_fail/gnutls-cli.args (moved) * test/tests/11_basic_client_verification_fail/input (moved) * test/tests/12_cgi_variables/apache.conf (moved) * test/tests/12_cgi_variables/gnutls-cli.args (moved) * test/tests/12_cgi_variables/input (moved) * test/tests/12_cgi_variables/output (moved) * test/tests/13_cgi_variables_no_client_cert/apache.conf (moved) * test/tests/13_cgi_variables_no_client_cert/gnutls-cli.args (moved) * test/tests/13_cgi_variables_no_client_cert/input (moved) * test/tests/13_cgi_variables_no_client_cert/output (moved) * test/tests/14_basic_openpgp/apache.conf (moved) * test/tests/14_basic_openpgp/gnutls-cli.args (moved) * test/tests/14_basic_openpgp/input (moved) * test/tests/14_basic_openpgp/output (moved) * test/tests/15_basic_msva/apache.conf (moved) * test/tests/15_basic_msva/gnutls-cli.args (moved) * test/tests/15_basic_msva/input (moved) * test/tests/15_basic_msva/output (moved) * test/tests/16_view-status/apache.conf (moved) * test/tests/16_view-status/gnutls-cli.args (moved) * test/tests/16_view-status/input (moved) * test/tests/16_view-status/output (moved) * test/tests/17_cgi_vars_large_cert/apache.conf (moved) * test/tests/17_cgi_vars_large_cert/gnutls-cli.args (moved) * test/tests/17_cgi_vars_large_cert/input (moved) * test/tests/17_cgi_vars_large_cert/output (moved) * test/tests/18_client_verification_wrong_cert/apache.conf (added) * test/tests/18_client_verification_wrong_cert/gnutls-cli.args (added) * test/tests/18_client_verification_wrong_cert/input (added) * test/tests/18_client_verification_wrong_cert/output (added) Merge branch 'client-verify-fix' into tls-proxy Most importantly, ... Thu, 05 Feb 2015 13:48:45 GMT Thomas Klute [5a8a32b] * src/gnutls_hooks.c (modified) TLS Client auth: Check server verify mode if unset for dir The ... Tue, 03 Feb 2015 11:31:46 GMT Thomas Klute [b429e4c] * src/gnutls_hooks.c (modified) Cleanup handler for proxy TLS connections When handling client ... Tue, 03 Feb 2015 08:42:11 GMT Thomas Klute [d7a8286] * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Remove debug log messages for allocating connection config memory ... Tue, 03 Feb 2015 08:35:48 GMT Thomas Klute [265eafc] * src/gnutls_io.c (modified) gnutls_io.c: Log connection start/end and unusual input filter events ...