# # ChangeLog for src in mod_gnutls # # Generated by Trac 1.2 # Apr 17, 2021, 11:28:53 PM Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [832182b] * src/gnutls_hooks.c (modified) extracting the user ID from a certificate cleanly. Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [5c0d491] * src/gnutls_hooks.c (modified) MSVA: successful communication between apache and the agent This is ... Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [07889ab] * src/gnutls_hooks.c (modified) MSVA: some initial framework Sat, 16 Nov 2013 07:46:50 GMT Daniel Kahn Gillmor [cf2b905] * docs/manual.mdwn (added) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) MSVA: document and parse GnuTLSClientVerifyMethod directive The ... Mon, 15 Apr 2013 20:35:14 GMT Daniel Kahn Gillmor [6bb2474] * src/gnutls_hooks.c (modified) Changed Default Export Of Full PEM Certificates To FALSE This ... Wed, 30 Jan 2013 04:00:15 GMT Daniel Kahn Gillmor [b1c2b01] * src/gnutls_hooks.c (modified) avoid a segfault if no X.509 certificates are present during vhost_cb Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [7d1ab49] * docs/mod_gnutls_manual-0.1.html (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) restore GnuTLSExportCertificate directive It looks to me like this ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [c0dd3ab] * src/gnutls_hooks.c (modified) avoid invoking gnutls_transport_get_ptr on a NULL session Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [b668622] * src/gnutls_hooks.c (modified) Do not override the configured GnuTLS priority string. This fixes ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [8985a6b] * src/gnutls_hooks.c (modified) allow certificate use for clients without SNI The test removed here ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [9ecd212] * src/gnutls_hooks.c (modified) avoid embedding extra/unnecessary newlines in logs Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [932b68e] * src/gnutls_hooks.c (modified) Check for the version of GnuTLS we built against Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [cb5188f] * src/gnutls_hooks.c (modified) fatal library initialization error logs should be at APLOG_EMERG ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [421ef1c] * src/gnutls_hooks.c (modified) deal responsibly with grave failures in pre_config hook If a ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [929d313] * src/gnutls_config.c (modified) avoid use-after-free in mgs_set_key_file() Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [480aba1] * docs/mod_gnutls_manual-0.1.html (modified) * src/gnutls_config.c (modified) correct context terminology for GnuTLSCache configurations "global ... Wed, 30 Jan 2013 01:05:42 GMT Daniel Kahn Gillmor [040387c] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) server-wide settings should be defaults unless overridden in a vhost ... Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [2d0f6cf] * src/mod_gnutls.c (modified) initialize members by name, for better clarity Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [8400c2e] * docs/mod_gnutls_manual-0.1.html (modified) * src/gnutls_config.c (modified) properly document the GnuTLSCache directive Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [369f47a] * docs/mod_gnutls_manual-0.1.html (modified) * src/gnutls_hooks.c (modified) avoid calling gnutls_srp_server_get_username() unless SRP is configured Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [b8df283] * src/gnutls_hooks.c (modified) use gnutls_datum_t instead of the deprecated gnutls_datum Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [2b76a9c] * docs/mod_gnutls_manual-0.1.html (modified) * src/gnutls_hooks.c (modified) X.509 certificates are ordered EE first (see ... Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [6055aff] * src/gnutls_hooks.c (modified) warn if the server hostname cannot be found in the certificate Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [e2b936e] * src/gnutls_hooks.c (modified) no longer using first_run since 31645b2ad; remove it Tue, 29 Jan 2013 20:41:38 GMT Daniel Kahn Gillmor [422f5b7] * src/gnutls_cache.c (modified) report an error if the attempt to chown the dbm session cache fails Fri, 21 Dec 2012 04:29:16 GMT Dash Shendy [3b4c0d0] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * Added Comments to Header Structures * Refactored the following: ... Fri, 21 Dec 2012 04:18:47 GMT Dash Shendy [8c03808] * src/mod_gnutls.c (modified) Removed Obselete Configuration Directives: - GnuTLSRSAFile - ... Thu, 22 Nov 2012 18:12:35 GMT Dash Shendy [cb60afc] * src/gnutls_hooks.c (modified) Bugfix: check_server_aliases() Signed-off-by: Dash Shendy ... Wed, 14 Nov 2012 22:24:57 GMT Dash Shendy [e3d36c7] * src/gnutls_hooks.c (modified) Fixed conditional ServerAlias names' & wildcards' matching ... Sun, 11 Nov 2012 21:04:15 GMT Dash Shendy [14d718f] * src/gnutls_hooks.c (modified) Added support for wildcards in ServerAlias configuration directive ... Sun, 11 Nov 2012 02:06:32 GMT Dash Shendy [9ee0464] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Compilation Errors Cleanup Signed-off-by: Dash Shendy ... Wed, 07 Dec 2011 05:22:48 GMT Dash Shendy [37f8282] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) mod_proxy support continued Signed-off-by: Dash Shendy ... Tue, 04 Oct 2011 11:01:32 GMT Dash Shendy [33826c5] * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) mod_proxy support Mon, 03 Oct 2011 13:15:50 GMT Dash Shendy [da8c2fe] * src/gnutls_hooks.c (modified) Debug logging fix up Mon, 03 Oct 2011 12:54:22 GMT Dash Shendy [74f798f] * src/gnutls_hooks.c (modified) Added Debug logging and user warning for not spec. DH Params Mon, 03 Oct 2011 12:08:37 GMT Dash Shendy [fe42bfb] * src/gnutls_hooks.c (modified) Compilation Warnings Fixup Mon, 03 Oct 2011 11:28:42 GMT Dash Shendy [410d216] * src/gnutls_cache.c (modified) * src/gnutls_hooks.c (modified) Generate DH params instead of using the static ones Mon, 26 Sep 2011 04:00:52 GMT Dash Shendy [b3eb741] * src/gnutls_hooks.c (modified) Removed Obselete static const int protocol_priority[] Mon, 26 Sep 2011 03:59:48 GMT Dash Shendy [0cfcbf3] * src/gnutls_hooks.c (modified) Removed DEBUGLOG Mon, 26 Sep 2011 03:57:38 GMT Dash Shendy [b7098b2] * src/gnutls_hooks.c (modified) ServerAlias Directive Fix (For Apache 2.0.x) Mon, 26 Sep 2011 03:48:04 GMT Dash Shendy [8581fac] * src/gnutls_hooks.c (modified) Compilation Errors Fixup Mon, 26 Sep 2011 03:41:30 GMT Dash Shendy [8764d0d] * src/gnutls_hooks.c (modified) ServerAlias Directive Fix Mon, 26 Sep 2011 01:39:45 GMT Dash Shendy [d2ee1a1] * src/gnutls_hooks.c (modified) Removed obselete function ... Mon, 26 Sep 2011 01:32:57 GMT Dash Shendy [cf10d49] * src/gnutls_hooks.c (modified) Added new definition for function cert_retrieve_fn() Mon, 26 Sep 2011 01:25:50 GMT Dash Shendy [d0be765] * src/gnutls_hooks.c (modified) Added some comments Mon, 26 Sep 2011 01:15:02 GMT Dash Shendy [9180a60] * src/gnutls_hooks.c (modified) Applied New Functions Patch from Nikos Mon, 26 Sep 2011 00:13:55 GMT Dash Shendy [9a9bc1e] * src/gnutls_io.c (modified) Added fix for unclean shutdowns, we're now ignoring SIGPIPE Signals Tue, 20 Sep 2011 05:28:25 GMT Dash Shendy [7c05ed1] * include/mod_gnutls.h.in (modified) * src/mod_gnutls.c (modified) Fix Compilation Warnings Tue, 20 Sep 2011 05:02:54 GMT Dash Shendy [7f1b026] * src/Makefile.am (modified) Remove Lua Source file Tue, 20 Sep 2011 03:58:43 GMT Dash Shendy [e183628] * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/mod_gnutls.c (modified) Updated Copyright Headers & Formatting Tue, 20 Sep 2011 03:39:58 GMT Dash Shendy [6223319] * src/mod_gnutls.c (modified) Remove More Legacy LUA Code Tue, 20 Sep 2011 03:38:39 GMT Dash Shendy [443b18e] * src/gnutls_config.c (modified) Remove Legacy LUA Code Tue, 20 Sep 2011 02:25:46 GMT Dash Shendy [485d28e] * Makefile.am (modified) * include/mod_gnutls.h.in (modified) * src/Makefile.am (modified) * src/gnutls_cache.c (modified) * src/gnutls_io.c (modified) * src/gnutls_lua.c (deleted) Major Legacy Code Cleanup Fri, 08 Jul 2011 21:30:33 GMT Dash Shendy [8fffed1] * include/mod_gnutls.h.in (modified) * src/gnutls_io.c (modified) Compilation Fixups Signed-off-by: Dash Shendy Fri, 08 Jul 2011 21:04:16 GMT Dash Shendy [60cf11c] * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Proxy (TLS termination) patch Signed-off-by: Dash Shendy ... Fri, 08 Jul 2011 20:55:17 GMT Dash Shendy [b4a875b] * src/gnutls_io.c (modified) EOC Bucket Infinite Loop Bugfix Signed-off-by: Dash Shendy ... Tue, 16 Nov 2010 14:05:30 GMT Nikos Mavrogiannopoulos [b59327c] * NEWS (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) GnuTLSCache can now take a single argument (none). Mon, 25 Oct 2010 19:21:04 GMT Nikos Mavrogiannopoulos [e02dd8c] * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) * src/gnutls_lua.c (modified) * src/mod_gnutls.c (modified) indented code Fri, 24 Sep 2010 07:12:37 GMT Nikos Mavrogiannopoulos [62def2f] * src/gnutls_io.c (modified) reduced warning level of TLS errors. Fri, 24 Sep 2010 06:51:52 GMT Nikos Mavrogiannopoulos [d8c7cf4] * NEWS (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) Only allow two options for DB. Berkeley DB and gdbm. The other ... Thu, 23 Sep 2010 07:35:27 GMT Nikos Mavrogiannopoulos [771ca63] * NEWS (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) The GnuTLSCache variable now can be given the specific option "sdbm" ... Wed, 22 Sep 2010 06:05:48 GMT Nikos Mavrogiannopoulos [7ce01c9] * NEWS (modified) * src/gnutls_io.c (modified) Corrected behavior in Keep-Alive connections (do not terminate the ... Wed, 18 Aug 2010 18:41:36 GMT Nikos Mavrogiannopoulos [368b574] * src/gnutls_hooks.c (modified) * src/gnutls_io.c (modified) Safer usage of session variable to prevent segmentation faults on ... Fri, 02 Jul 2010 13:15:52 GMT Nikos Mavrogiannopoulos [7fec961] * src/gnutls_hooks.c (modified) Depend on libgnutls for the activation and expiration time checks. Fri, 02 Jul 2010 13:04:15 GMT Nikos Mavrogiannopoulos [bca274d] * NEWS (modified) * src/gnutls_config.c (modified) Session tickets are enabled by default. Thu, 01 Jul 2010 01:09:56 GMT Nikos Mavrogiannopoulos [ae233c2] * NEWS (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) Added option to turn on/off session tickets. Thu, 01 Jul 2010 00:47:51 GMT Nikos Mavrogiannopoulos [03a9a6b] * NEWS (modified) * src/gnutls_cache.c (modified) * src/gnutls_config.c (modified) Force SDBM. Wed, 30 Jun 2010 20:18:48 GMT Nikos Mavrogiannopoulos [3928f79] * src/gnutls_hooks.c (modified) More libgcrypt fixes. Wed, 30 Jun 2010 18:16:35 GMT Nikos Mavrogiannopoulos [0499540] * include/mod_gnutls.h.in (modified) * src/gnutls_hooks.c (modified) Use libgcrypt calls only if gnutls is older than 2.11.0 Sun, 27 Jun 2010 19:13:18 GMT Nikos Mavrogiannopoulos [2b29da0] * NEWS (modified) * src/gnutls_cache.c (modified) Check the cache DB every 15 minutes instead of checking on every write. Sun, 27 Jun 2010 19:06:15 GMT Nikos Mavrogiannopoulos [622abdd] * src/gnutls_cache.c (modified) open the database as readonly when fetching. Sun, 27 Jun 2010 18:10:12 GMT Nikos Mavrogiannopoulos [8e98518] * src/gnutls_hooks.c (modified) properly initialize variable. Sun, 27 Jun 2010 17:55:53 GMT Nikos Mavrogiannopoulos [ed07ddf] * src/gnutls_hooks.c (modified) Added support for session tickets. Mon, 15 Mar 2010 20:48:49 GMT Nokis Mavrogiannopoulos [9085f5b] * NEWS (modified) * configure.ac (modified) * src/gnutls_io.c (modified) Corrected issue with firefox and long post data (had to do with read ... Tue, 21 Jul 2009 20:46:13 GMT Nokis Mavrogiannopoulos [dcf1118] * src/gnutls_io.c (modified) On connection termination be polite and send a bye (common handling ... Tue, 21 Jul 2009 18:42:44 GMT Nokis Mavrogiannopoulos [daf3dc9] * src/gnutls_io.c (modified) removed APR_BUCKET_IS_EOS. Doesn't seem appropriate at this point. Mon, 20 Jul 2009 21:14:37 GMT Nokis Mavrogiannopoulos [1d48b0a] * src/gnutls_io.c (modified) More fixes related to bug #102 Mon, 20 Jul 2009 21:08:39 GMT Nokis Mavrogiannopoulos [67101aa] * src/gnutls_hooks.c (modified) Applied patch of jmdesp that allows certificate lists by client. Mon, 20 Jul 2009 20:39:22 GMT Nokis Mavrogiannopoulos [c05a8bb] * src/gnutls_io.c (modified) only call gnutls_bye on non null gnutls session. Tue, 30 Jun 2009 18:42:11 GMT Nokis Mavrogiannopoulos [c38a4e9] * src/gnutls_hooks.c (modified) Avoid requesting certificate from client when we already have it. ... Tue, 30 Jun 2009 18:37:28 GMT Nokis Mavrogiannopoulos [1c90c18] * src/gnutls_hooks.c (modified) Applied patch by AlainKnaff to correctly verify certificates per ... Tue, 30 Jun 2009 18:14:23 GMT Nokis Mavrogiannopoulos [377a900] * src/gnutls_hooks.c (modified) set srp username to empty string. Solves ... Tue, 30 Jun 2009 18:08:22 GMT Nokis Mavrogiannopoulos [a601e7d] * src/gnutls_io.c (modified) Try to avoid bug http://issues.outoforder.cc/view.php?id=102 Tue, 30 Jun 2009 18:02:38 GMT Nokis Mavrogiannopoulos [f7a7d66] * src/gnutls_hooks.c (modified) Allow openpgp certificates that have infinite expiration time. ... Tue, 30 Jun 2009 17:12:19 GMT Nokis Mavrogiannopoulos [7e67487] * include/mod_gnutls.h.in (modified) * src/gnutls_cache.c (modified) Applied patch to allow building with Apache 2.4. Patch by Arfrever ... Sat, 13 Jun 2009 15:00:34 GMT Nokis Mavrogiannopoulos [0e13d67] * src/gnutls_io.c (modified) do not try to send empty packs using TLS. This this has a special ... Thu, 21 May 2009 18:48:34 GMT Nokis Mavrogiannopoulos [7ef38d4] * src/gnutls_config.c (modified) if private key import fails try as pkcs8 key. Sat, 24 Jan 2009 17:47:18 GMT Nokis Mavrogiannopoulos [8663ace] * NEWS (modified) * include/mod_gnutls.h.in (modified) * src/gnutls_config.c (modified) removed limit on ca certificates' number Sun, 04 Jan 2009 15:52:40 GMT Nokis Mavrogiannopoulos [56f3628] * src/gnutls_hooks.c (modified) Added patch to fix issue with mod_proxy. Investigation and patch by ... Sun, 02 Nov 2008 13:22:51 GMT Nokis Mavrogiannopoulos [1a53be1] * src/gnutls_hooks.c (modified) APLOG_EMERG was replaced with APLOG_STARTUP for startup messages. Thu, 16 Oct 2008 18:55:45 GMT Nokis Mavrogiannopoulos [0106b25] * src/gnutls_io.c (modified) increased max handshake tries Wed, 01 Oct 2008 16:06:35 GMT Nokis Mavrogiannopoulos [52149ee] * src/gnutls_hooks.c (modified) Allow openpgp-only sites Wed, 01 Oct 2008 16:01:42 GMT Nokis Mavrogiannopoulos [a208cd3] * src/gnutls_hooks.c (modified) better logging Wed, 01 Oct 2008 15:50:40 GMT Nokis Mavrogiannopoulos [26b08fd] * README (modified) * src/gnutls_hooks.c (modified) updated README file to account for openpgp keys --patch by Jack Bates Sun, 14 Sep 2008 16:40:15 GMT Nokis Mavrogiannopoulos [4fb2b3c] * src/gnutls_io.c (modified) use memmove instead of memcpy because buffers might overlap. Sun, 14 Sep 2008 14:08:52 GMT Nokis Mavrogiannopoulos [df34f08] * src/gnutls_hooks.c (modified) added check for invalid context Sun, 29 Jun 2008 19:31:37 GMT Nokis Mavrogiannopoulos [1897a1c] * NEWS (modified) * configure.ac (modified) * m4/libgnutls.m4 (modified) * src/gnutls_hooks.c (modified) depend on main libgnutls library (and gnutls 2.4.x) Wed, 05 Mar 2008 18:03:06 GMT Nokis Mavrogiannopoulos [1812f72] * src/gnutls_cache.c (modified) send database store failure as DEBUG Mon, 03 Mar 2008 14:04:01 GMT Nokis Mavrogiannopoulos [b072204] * autogen.sh (modified) * configure.ac (modified) * src/gnutls_cache.c (modified) * src/mod_gnutls.c (modified) corrected SRP enable flag, and corrected the DBM hook support. It now ... Wed, 20 Feb 2008 19:50:09 GMT Nokis Mavrogiannopoulos [787dab7] * configure.ac (modified) * src/gnutls_config.c (modified) * src/gnutls_hooks.c (modified) * src/mod_gnutls.c (modified) added option to disable srp (for distributions that disable it in gnutls)