Context Navigation

source: mod_gnutls/src

Legend:

: Added
: Modified
: Copied or renamed

	Rev	Age	Author	Log Message
(edit)	@a9fa300	7 years	thomas2.klute	Set GnuTLS session errno on all error paths in mgs_transport_read() asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@6868585	7 years	thomas2.klute	Remove unnecessary session pointer check The transport functions are … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@be41ee4	7 years	thomas2.klute	Set GnuTLS session errno on errors in mgs_transport_write() Sunil … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@8ac7c0d	7 years	thomas2.klute	Register "ssl_is_https" function for compatibility with mod_rewrite … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@bc539d5	7 years	thomas2.klute	Implement short message for mod_status reports Until now the flags … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@600cf16	7 years	thomas2.klute	mgs_status_hook: Remove code for GnuTLS versions < 3 mod_gnutls … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@73b0bf0	7 years	thomas2.klute	mgs_filter_input: Use APR_STATUS_IS macros instead of integer comparison asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@a2368a4	7 years	thomas2.klute	Use TLS session cleanup hook for all connection pools If a TLS … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@2ceb836	7 years	thomas2.klute	Update log messages on session termination (cleanup_gnutls_session, … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@401a0de	7 years	thomas2.klute	Close TLS session on EOF in input filter If the input filter receives … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@f5a36ee	7 years	thomas2.klute	Pass EAGAIN/EINTR from gnutls_io_input_read to input filter … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@02a6a18	7 years	thomas2.klute	gnutls_io.c: Don't mix EAGAIN and EINTR in mgs_transport_read … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@dff03fa	8 years	thomas2.klute	Configure C99 mode Variable declarations in for loops improve code … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@9ca1f21	8 years	thomas2.klute	Allow loading more than one PKCS #11 module using GnuTLSP11Module … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@88df24d	8 years	thomas2.klute	Replace "SSL" with "TLS" in config directive descriptions asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@176047e	8 years	thomas2.klute	Use AP_INIT_FLAG for On/Off? config directives Letting the Apache … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@7764015	8 years	thomas2.klute	Update GnuTLSP11Module documentation for stricter semantics asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@746e993	8 years	thomas2.klute	Formatting fix for PKCS #11 module loading asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@f21d2a6	8 years	thomas2.klute	Changed the semantics of GnuTLSP11Module That setting instructs … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@efd3cfe	8 years	thomas2.klute	Whitespace fix in gnutls_hooks.c asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@99f8375	8 years	thomas2.klute	Ensure safe defaults during client verification Initialize the … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@dfd5837	8 years	thomas2.klute	Log possible error messages from gnutls_bye asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@ee687ab	8 years	thomas2.klute	Update README and post-install documentation hint asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@e021722	8 years	thomas2.klute	Update copyright headers for Nikos Mavrogiannopoulos' PKCS #11 patch … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@e391197	8 years	thomas2.klute	Update copyright headers for C source asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@a2e3c33	8 years	thomas2.klute	Rename option SSLProxyEngine to GnuTLSProxyEngine This matches the … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@e765670	8 years	thomas2.klute	Fix signature of mgs_cache_child_init when building without … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@87f1ed2	8 years	thomas2.klute	Allow loading of an additional PKCS #11 provider library When using … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@4133f2d	8 years	thomas2.klute	Unify argument handling in mgs_set_priorities Just store the argument … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@2cde026d	8 years	thomas2.klute	Merge branch 'new-gnutls-api' Merge my TLS proxy implementation with … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@73f6f12	8 years	thomas2.klute	Check handshake result before logging "TLS connection opened" Without … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@f030883	8 years	thomas2.klute	Set GnuTLS priorities for proxy connections separately Until now, … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@d04f7da	8 years	thomas2.klute	Version guards for gnutls_privkey_import_openpgp_raw workaround The … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@8b472af	8 years	thomas2.klute	Use server root for file paths in TLS proxy config This is what users … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@2cde8111	8 years	thomas2.klute	Workarounds for OpenPGP key handling Commit … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@01b5d85	8 years	thomas2.klute	Merge branch 'client-verify-fix' into new-gnutls-api Merge the fix … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@c4a015b	8 years	thomas2.klute	Merge branch 'split-testsuite' into new-gnutls-api OpenPGP support is … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@259e835	8 years	thomas2.klute	Merge branch 'master' into new-gnutls-api Branch 'master' at this … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@1d9cfaf	8 years	thomas2.klute	gnutls_config.c: Backport function signature changes from master … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@809c422	8 years	thomas2.klute	TLS proxy: Add support for CRLs to back end server verification When … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@bd24203	8 years	thomas2.klute	Explicitly build trust list for proxy connections This change … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@7d2123d	8 years	thomas2.klute	Log errors while loading proxy certificate trust list The way the … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@6bbc00a	8 years	thomas2.klute	Check hostname of proxy back end server against certificate … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@0de1839	8 years	thomas2.klute	Support X.509 auth for TLS proxy connections This commit adds support … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@7314438	8 years	thomas2.klute	Fix whitespace problems detected by git asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@b324906	8 years	thomas2.klute	Merge branch 'client-verify-fix' into tls-proxy Most importantly, … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@5a8a32b	8 years	thomas2.klute	TLS Client auth: Check server verify mode if unset for dir The … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@b429e4c	8 years	thomas2.klute	Cleanup handler for proxy TLS connections When handling client … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@d7a8286	8 years	thomas2.klute	Remove debug log messages for allocating connection config memory … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@265eafc	8 years	thomas2.klute	gnutls_io.c: Log connection start/end and unusual input filter events … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@4261999	8 years	thomas2.klute	gnutls_io_input_read: Retry gnutls_record_recv if necessary While … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@398d1a0	8 years	thomas2.klute	Improved logging for gnutls_io_input_read * Log if something tried to … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@4fefa39	8 years	thomas2.klute	src/gnutls_io.c: Reformat gnutls_io_filter_error for readability No … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@beb14d9	8 years	thomas2.klute	Proof of concept: Support for proxy back end connections using TLS … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@c1ef069	8 years	thomas2.klute	Record if a connection is a proxy connection When handling a proxy … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@5342265	8 years	thomas2.klute	Close last for loop in mgs_find_sni_server The closing brace for the … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@07d548d	8 years	thomas2.klute	Properly use SSLProxyEngine option ssl_proxy_enable now checks if … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@accbb83	8 years	thomas2.klute	mod_gnutls.c: Whitespace and line break fixes asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@c782c1f	8 years	thomas2.klute	Don't do global deinit when disabling TLS for a proxy back end … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@e8acf05	8 years	thomas2.klute	Enable/disable TLS per connection in ssl_engine_disable Previously, … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@e4b58b6	8 years	thomas2.klute	Check error codes during GnuTLS connection init These calls shouldn't … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@3d361b8	8 years	thomas2.klute	Check if filters exist before removing them in ssl_engine_disable … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@64dadf8	8 years	thomas2.klute	Use proper GNUTLS_ENABLED_* macros in SSL proxy functions asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@031acac	9 years	nmav	Use the new (3.1.3+) GnuTLS APIs to obtain private keys. This allows … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@fd82e59	9 years	dkg	use strict compiler arguments by default (-Wall -Werror -Wextra) … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@765cac2	9 years	dkg	clean up MGS_SIDE abuse of apr_pstrcat We were allocating twice as … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@2aaf4f5	9 years	dkg	implement GnuTLSExportCertificates control over max exported cert size … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@55dc3f0	9 years	dkg	Make Apache 2.4 display the correct module in error logs asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@83eafed	9 years	dkg	avoid a very unlikely NULL dereference asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@4ec9183	9 years	dkg	Include GnuTLS version as additional version component in Server … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@46de753	9 years	dkg	fix build against GnuTLS 2.12.x asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@671b64f	9 years	dkg	remove all trailing whitespace asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@9720026	9 years	dkg	silly newline cleanup asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@5674676	9 years	dkg	add SSL_DH_PRIME_BITS to expose the size of the DH modulus to CGI asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@b4739cd	9 years	dkg	display some information in mod_status asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@b55bf71	9 years	dkg	accept the e-mail address in the cert Subject if no sAN e-mail is present asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@a01f8ab	9 years	dkg	upgrade to libmsv 0.1 API asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@832182b	9 years	dkg	extracting the user ID from a certificate cleanly. asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@5c0d491	9 years	dkg	MSVA: successful communication between apache and the agent This is … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@07889ab	9 years	dkg	MSVA: some initial framework asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@cf2b905	9 years	dkg	MSVA: document and parse GnuTLSClientVerifyMethod directive The … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@6bb2474	10 years	dkg	Changed Default Export Of Full PEM Certificates To FALSE This matches … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainproxy-ticketupstream
(edit)	@b1c2b01	10 years	dkg	avoid a segfault if no X.509 certificates are present during vhost_cb asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@7d1ab49	10 years	dkg	restore GnuTLSExportCertificate directive It looks to me like this … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@c0dd3ab	10 years	dkg	avoid invoking gnutls_transport_get_ptr on a NULL session asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@b668622	10 years	dkg	Do not override the configured GnuTLS priority string. This fixes … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@8985a6b	10 years	dkg	allow certificate use for clients without SNI The test removed here … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@9ecd212	10 years	dkg	avoid embedding extra/unnecessary newlines in logs asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@932b68e	10 years	dkg	Check for the version of GnuTLS we built against asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@cb5188f	10 years	dkg	fatal library initialization error logs should be at APLOG_EMERG … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@421ef1c	10 years	dkg	deal responsibly with grave failures in pre_config hook If a … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@929d313	10 years	dkg	avoid use-after-free in mgs_set_key_file() asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@480aba1	10 years	dkg	correct context terminology for GnuTLSCache configurations "global … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@040387c	10 years	dkg	server-wide settings should be defaults unless overridden in a vhost … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@2d0f6cf	10 years	dkg	initialize members by name, for better clarity asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@8400c2e	10 years	dkg	properly document the GnuTLSCache directive asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@369f47a	10 years	dkg	avoid calling gnutls_srp_server_get_username() unless SRP is configured asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@b8df283	10 years	dkg	use gnutls_datum_t instead of the deprecated gnutls_datum asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@2b76a9c	10 years	dkg	X.509 certificates are ordered EE first (see … asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream
(edit)	@6055aff	10 years	dkg	warn if the server hostname cannot be found in the certificate asynciodebian/masterdebian/stretch-backportsjessie-backportsmainmsvaproxy-ticketupstream

Note: See TracRevisionLog for help on using the revision log.

Download in other formats: