source: mod_gnutls/src

Revision Log Mode:


Legend:

Added
Modified
Copied or renamed
Diff Rev Age Author Log Message
(edit) @3aff94d   22 months fiona.klute Include cache status in mod_status reports debian/masterproxy-ticket
(edit) @04753db8   22 months fiona.klute Require Host header to match SNI hostname (if any) This is a … debian/masterproxy-ticket
(edit) @a14cf5c   22 months fiona.klute Store SNI hostname in mod_gnutls' connection context debian/masterproxy-ticket
(edit) @de3fad3   22 months fiona.klute Require handshake and request to use the same server The new check … debian/masterproxy-ticket
(edit) @15368a4   22 months fiona.klute Improve log messages for PKCS #11 provider loading debian/masterproxy-ticket
(edit) @8273683   22 months fiona.klute Fix port numbers for vhosts in post_config log messages debian/masterproxy-ticket
(edit) @469861a   23 months fiona.klute Enable session tickets in the post client hello hook With this … debian/masterproxy-ticket
(edit) @bac1a32   23 months fiona.klute Order, log message, and style fixes debian/masterproxy-ticket
(edit) @fdd3bf0   23 months fiona.klute Enable session tickets by default if GnuTLS version >= 3.6.4 GnuTLS … debian/masterproxy-ticket
(edit) @bd2b48b   23 months fiona.klute Immediately retry on EINTR or EAGAIN for blocking receive Proxy TLS … debian/masterproxy-ticket
(edit) @78d75ac   23 months fiona.klute Use the right cache config string in cache trace logs debian/masterproxy-ticket
(edit) @0d7660d   23 months fiona.klute Provide a default path for the default OCSP cache debian/masterproxy-ticket
(edit) @60868d2   23 months fiona.klute Default to NORMAL for the GnuTLS priority settings This simplifies … debian/masterproxy-ticket
(edit) @72b669e   23 months fiona.klute Refuse to send or receive over a failed TLS connection On a failed … debian/masterproxy-ticket
(edit) @adceac0   23 months fiona.klute Remove unneeded server variables "cert_cn" and "cert_san" "cert_san" … debian/masterproxy-ticket
(edit) @cb6476c   23 months fiona.klute Enable OCSP stapling by default if possible If the user hasn't … debian/masterproxy-ticket
(edit) @efc43b4   23 months fiona.klute Split per-vhost post config for OCSP stapling into configuring and … debian/masterproxy-ticket
(edit) @994200a   23 months fiona.klute Set up shmcb OCSP cache by default The shmcb socache doesn't require … debian/masterproxy-ticket
(edit) @3358887   2 years fiona.klute Assign cache configuration to server only if successful The sc->cache … debian/masterproxy-ticket
(edit) @eced11a   2 years fiona.klute Remove server variable ocsp_cache_enable There is no need to … debian/masterproxy-ticket
(edit) @92b5f4d   2 years fiona.klute Use the OCSP cache for responses debian/masterproxy-ticket
(edit) @babdb29   2 years fiona.klute Initialize and clean up the OCSP cache, following session cache patterns debian/masterproxy-ticket
(edit) @d036f96   2 years fiona.klute Add configuration directive GnuTLSOCSPCache (no-op for now) First … debian/masterproxy-ticket
(edit) @2d454a2   2 years fiona.klute Macro for session cache name debian/masterproxy-ticket
(edit) @72377cf   2 years fiona.klute Always set SSL_COMPRESS_METHOD=NULL with GnuTLS >= 3.6.0 Compression … debian/masterproxy-ticket
(edit) @ce5f776   2 years fiona.klute Move config and post_config of a cache instance to separate functions … debian/masterproxy-ticket
(edit) @5ab2868   2 years fiona.klute Remove unused server variable The mgs_srvconf_rec.non_ssl_request … debian/masterproxy-ticket
(edit) @f52f1b4   2 years fiona.klute Allow GnuTLSCacheTimeout in virtual host config I'm not sure if … debian/masterproxy-ticket
(edit) @d8d6b1e   2 years fiona.klute Reallocate buffer to data size after fetching from socache There is … debian/masterproxy-ticket
(edit) @a314ec9   2 years fiona.klute Store config pointer in struct mgs_cache for logging This way the … debian/masterproxy-ticket
(edit) @b94aee2   2 years fiona.klute Remove internal cache type enum The cache type is now transparently … debian/masterproxy-ticket
(edit) @adf36c3   2 years fiona.klute Update documentation in gnutls_cache.c debian/masterproxy-ticket
(edit) @41f9bcb   2 years fiona.klute Use cache parameter in mgs_cache_store() and mgs_cache_fetch() The … debian/masterproxy-ticket
(edit) @ded2291   2 years fiona.klute Switch generic cache store/fetch function pointers to constant … debian/masterproxy-ticket
(edit) @6bbd378   2 years fiona.klute Remove special handling for APR memcache and leftover includes debian/masterproxy-ticket
(edit) @0363315   2 years fiona.klute Use cache mutex only if socache provider is not multiprocess/thread safe debian/masterproxy-ticket
(edit) @14a6f41   2 years fiona.klute Check for a cache during OCSP setup debian/masterproxy-ticket
(edit) @de1ceab   2 years fiona.klute Replace internal cache implementation with mod_socache Massively … debian/masterproxy-ticket
(edit) @0470e44   2 years fiona.klute Support common socache "type:config" style for GnuTLSCache directive debian/masterproxy-ticket
(edit) @7921dc7   2 years fiona.klute Remove OpenPGP authentication OpenPGP authentication was removed from … debian/masterproxy-ticket
(edit) @2246a84   2 years fiona.klute Make automatic OCSP cache updates and fuzz time configurable debian/masterproxy-ticket
(edit) @fa6d0bb   2 years fiona.klute Initialize OCSP stapling only if mod_gnutls is enabled for a virtual … debian/masterproxy-ticket
(edit) @f233a23   2 years fiona.klute Logic for fuzzy OCSP update timing If a server has a lot of virtual … debian/masterproxy-ticket
(edit) @3d30543   2 years fiona.klute Write failure cache entries from asynchronous OCSP updates This … debian/masterproxy-ticket
(edit) @61e802c   2 years fiona.klute Simplify mgs_async_ocsp_update Always use OCSP mutex for updates, … debian/masterproxy-ticket
(edit) @3c475e0   2 years fiona.klute Ensure that mod_gnutls child_init runs before mod_watchdog's Our … debian/masterproxy-ticket
(edit) @103cafa   2 years fiona.klute Remove extra "OCSP failed" log entry while writing failure to cache … debian/masterproxy-ticket
(edit) @a85de63   2 years fiona.klute Make cache_fetch_func work without a connection context This is … debian/masterproxy-ticket
(edit) @c34a68b   2 years fiona.klute dbm_cache_fetch: Prepare for signature without connection context … debian/masterproxy-ticket
(edit) @3656df0   2 years fiona.klute mgs_cache_ocsp_failure: Make expiry timeout an argument A failure … debian/masterproxy-ticket
(edit) @6945efb   2 years fiona.klute mc_cache_fetch: Don't require a connection context debian/masterproxy-ticket
(edit) @3381559   2 years fiona.klute Adjust intervals for async OCSP updates based on cache expiry or failure debian/masterproxy-ticket
(edit) @0cdfb19   2 years fiona.klute Documentation for mgs_new_singleton_watchdog debian/masterproxy-ticket
(edit) @a467635   2 years fiona.klute Enable asynchronous OCSP updates Asynchronous updates are always … debian/masterproxy-ticket
(edit) @506e64a   2 years fiona.klute Optionally return cache expiry time when caching an OCSP response … debian/masterproxy-ticket
(edit) @0e3f8c6   2 years fiona.klute Create module-wide singleton watchdog during post_config debian/masterproxy-ticket
(edit) @4aa63a4   2 years fiona.klute Infrastructure for mod_watchdog support Asynchronous OCSP cache … debian/masterproxy-ticket
(edit) @3c123cd   2 years fiona.klute Update my name, prepare changelog for the next release debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @9cee2e9   2 years fiona.klute Support ALPN (required for secure HTTP/2) debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @2f10643   2 years fiona.klute Consider secondary connections (like mod_http2 streams) in hooks … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e7cf823   2 years fiona.klute Add process_connection hook, adjust hook order for mod_http2 … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @4cdd4fd   2 years fiona.klute Implement ssl_var_lookup function (subset of mod_ssl implementation) … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @23e98b3   2 years fiona.klute Implement ssl_engine_set as introduced by mod_ssl in Apache 2.4.33 debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @235e109   2 years fiona.klute Unify initialization of mod_gnutls connection context debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @fe21671   3 years thomas2.klute ssl_engine_disable(): Remove mod_gnutls filters, not first in chain debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @1de1026   3 years thomas2.klute mgs_get_ocsp_response(): Separate mgs_srvconf_rec* variable for … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @994a5fb   3 years thomas2.klute Do not reconfigure OCSP status callback on each connection The … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @54d07a1   3 years thomas2.klute Do not announce (unused) session ticket support on proxy connections … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @265159d   3 years thomas2.klute Send SNI for proxy connections debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @98cf33f   3 years thomas2.klute Rewrite SNI handler to accept long names and ignore unknown name types … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @017ef2d   3 years thomas2.klute Cleanup of post client hello and SNI handling functions * Get module … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @cebb74a   3 years thomas2.klute Remove broken SNI/session resumption workaround By specification, the … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e389b85   3 years thomas2.klute Remove obsolete global GnuTLS (de)init calls These calls have been … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @f4deac5   3 years thomas2.klute Warn users about OpenPGP deprecation OpenPGP support has been … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @a2b4ab6   3 years thomas2.klute Use GnuTLS known DH parameters If the user does not configure the DH … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @92ac36e   3 years thomas2.klute Remove dead code in DH parameters setup The dh_params variable in … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @4f7edd5   3 years thomas2.klute Remove log for mutex creation errors (core logs them at emergency level) debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @5ac4bbe   4 years thomas2.klute Use APR_SIZE_T_FMT macro for portable apr_size_t formatting The size … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @08b821a   4 years thomas2.klute gnutls_io.c: API documentation debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @104e881   4 years thomas2.klute General comment updates for Doxygen compatibility Mostly /* */ vs. … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @14548b9   4 years thomas2.klute Update comments in gnutls_cache.(c|h) to work with Doxygen debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e1c094c   4 years thomas2.klute Replace GnuTLSOCSPGraceTime with GnuTLSOCSPCacheTimeout Configuring a … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @b888e8b   4 years thomas2.klute New directive GnuTLSOCSPCheckNonce Some CAs refuse to send nonces in … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @3475e62   4 years thomas2.klute Remove EXPERIMENTAL mark for OCSP from internal documentation debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c39ae1a   4 years thomas2.klute Initialize OCSP timeouts with an "unset" value The configuration … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @ef107fd   4 years thomas2.klute Remove TODO for OCSP requests without nonces Ideally all OCSP … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @0a02378   4 years thomas2.klute Style fixes for OCSP related time differences * Consistently use … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @333bbc7   4 years thomas2.klute Configurable OCSP socket timeout Stalled OCSP requests must time out … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @c6dda6d   4 years thomas2.klute Rate limit OCSP requests Retries after failed OCSP requests must be … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @d26fa55   4 years thomas2.klute Allow GnuTLSOCSPGraceTime in virtual host context mgs_set_timeout … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @3f0b470   4 years thomas2.klute Macro for the OCSP socket timeout debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @8a0da86   4 years thomas2.klute Adjust log levels for OCSP cache updates debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @9c456a9   4 years thomas2.klute Clean up cache logging * Demote ordinary cache store/fetch operations … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @e9ef72c   4 years thomas2.klute Disable GnuTLSSessionTickets by default as described in handbook The … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @f1147b6   4 years thomas2.klute OCSP post config: Ensure OCSP URI or response file are set If the … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @ef06c74   4 years thomas2.klute Compatibility code for GCC version < 5 The builtin_add_overflow() … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @ac3f500   4 years thomas2.klute Compatibility code for GnuTLS version < 3.4 * gnutls_memset() is not … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @87d507b   4 years thomas2.klute Overwrite session ticket key before releasing it Private key material … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @78b75b3   4 years thomas2.klute Restore GnuTLSOCSPResponseFile option Using an externally updated … debian/masterdebian/stretch-backportsproxy-ticketupstream
(edit) @4d4a406   4 years thomas2.klute New config option: GnuTLSOCSPStapling This flag option … debian/masterdebian/stretch-backportsproxy-ticketupstream
Note: See TracRevisionLog for help on using the revision log.