source: mod_gnutls/src

Revision Log Mode:


Legend:

Added
Modified
Copied or renamed
Diff Rev Age Author Log Message
(edit) @7d2123d   5 years thomas2.klute Log errors while loading proxy certificate trust list The way the … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @6bbc00a   5 years thomas2.klute Check hostname of proxy back end server against certificate … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @0de1839   5 years thomas2.klute Support X.509 auth for TLS proxy connections This commit adds support … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @b324906   5 years thomas2.klute Merge branch 'client-verify-fix' into tls-proxy Most importantly, … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @5a8a32b   5 years thomas2.klute TLS Client auth: Check server verify mode if unset for dir The … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @b429e4c   5 years thomas2.klute Cleanup handler for proxy TLS connections When handling client … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @d7a8286   5 years thomas2.klute Remove debug log messages for allocating connection config memory … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @265eafc   5 years thomas2.klute gnutls_io.c: Log connection start/end and unusual input filter events … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @4261999   5 years thomas2.klute gnutls_io_input_read: Retry gnutls_record_recv if necessary While … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @398d1a0   5 years thomas2.klute Improved logging for gnutls_io_input_read * Log if something tried to … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @4fefa39   5 years thomas2.klute src/gnutls_io.c: Reformat gnutls_io_filter_error for readability No … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @beb14d9   5 years thomas2.klute Proof of concept: Support for proxy back end connections using TLS … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @c1ef069   5 years thomas2.klute Record if a connection is a proxy connection When handling a proxy … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @5342265   5 years thomas2.klute Close last for loop in mgs_find_sni_server The closing brace for the … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @07d548d   5 years thomas2.klute Properly use SSLProxyEngine option ssl_proxy_enable now checks if … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @accbb83   5 years thomas2.klute mod_gnutls.c: Whitespace and line break fixes debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @c782c1f   5 years thomas2.klute Don't do global deinit when disabling TLS for a proxy back end … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @e8acf05   5 years thomas2.klute Enable/disable TLS per connection in ssl_engine_disable Previously, … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @e4b58b6   5 years thomas2.klute Check error codes during GnuTLS connection init These calls shouldn't … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @3d361b8   5 years thomas2.klute Check if filters exist before removing them in ssl_engine_disable … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @64dadf8   5 years thomas2.klute Use proper GNUTLS_ENABLED_* macros in SSL proxy functions debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @fd82e59   6 years dkg use strict compiler arguments by default (-Wall -Werror -Wextra) … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @765cac2   6 years dkg clean up MGS_SIDE abuse of apr_pstrcat We were allocating twice as … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @2aaf4f5   6 years dkg implement GnuTLSExportCertificates control over max exported cert size … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @55dc3f0   6 years dkg Make Apache 2.4 display the correct module in error logs debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @83eafed   6 years dkg avoid a very unlikely NULL dereference debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @4ec9183   6 years dkg Include GnuTLS version as additional version component in Server … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @46de753   6 years dkg fix build against GnuTLS 2.12.x debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @671b64f   6 years dkg remove all trailing whitespace debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @9720026   6 years dkg silly newline cleanup debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @5674676   6 years dkg add SSL_DH_PRIME_BITS to expose the size of the DH modulus to CGI debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @b4739cd   6 years dkg display some information in mod_status debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @b55bf71   6 years dkg accept the e-mail address in the cert Subject if no sAN e-mail is present debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @a01f8ab   6 years dkg upgrade to libmsv 0.1 API debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @832182b   6 years dkg extracting the user ID from a certificate cleanly. debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @5c0d491   6 years dkg MSVA: successful communication between apache and the agent This is … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @07889ab   6 years dkg MSVA: some initial framework debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @cf2b905   6 years dkg MSVA: document and parse GnuTLSClientVerifyMethod directive The … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @6bb2474   7 years dkg Changed Default Export Of Full PEM Certificates To FALSE This matches … debian/masterdebian/stretch-backportsjessie-backportsupstream
(edit) @b1c2b01   7 years dkg avoid a segfault if no X.509 certificates are present during vhost_cb debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @7d1ab49   7 years dkg restore GnuTLSExportCertificate directive It looks to me like this … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @c0dd3ab   7 years dkg avoid invoking gnutls_transport_get_ptr on a NULL session debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @b668622   7 years dkg Do not override the configured GnuTLS priority string. This fixes … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @8985a6b   7 years dkg allow certificate use for clients without SNI The test removed here … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @9ecd212   7 years dkg avoid embedding extra/unnecessary newlines in logs debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @932b68e   7 years dkg Check for the version of GnuTLS we built against debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @cb5188f   7 years dkg fatal library initialization error logs should be at APLOG_EMERG … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @421ef1c   7 years dkg deal responsibly with grave failures in pre_config hook If a … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @929d313   7 years dkg avoid use-after-free in mgs_set_key_file() debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @480aba1   7 years dkg correct context terminology for GnuTLSCache configurations "global … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @040387c   7 years dkg server-wide settings should be defaults unless overridden in a vhost … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @2d0f6cf   7 years dkg initialize members by name, for better clarity debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @8400c2e   7 years dkg properly document the GnuTLSCache directive debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @369f47a   7 years dkg avoid calling gnutls_srp_server_get_username() unless SRP is configured debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @b8df283   7 years dkg use gnutls_datum_t instead of the deprecated gnutls_datum debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @2b76a9c   7 years dkg X.509 certificates are ordered EE first (see … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @6055aff   7 years dkg warn if the server hostname cannot be found in the certificate debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @e2b936e   7 years dkg no longer using first_run since 31645b2ad; remove it debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @422f5b7   7 years dkg report an error if the attempt to chown the dbm session cache fails debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @3b4c0d0   7 years neuromancer * Added Comments to Header Structures * Refactored the following: … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @8c03808   7 years neuromancer Removed Obselete Configuration Directives: - GnuTLSRSAFile - … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @cb60afc   7 years neuromancer Bugfix: check_server_aliases() Signed-off-by: Dash Shendy … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @e3d36c7   7 years neuromancer Fixed conditional ServerAlias? names' & wildcards' matching … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @14d718f   7 years neuromancer Added support for wildcards in ServerAlias? configuration directive … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @9ee0464   7 years neuromancer Compilation Errors Cleanup Signed-off-by: Dash Shendy … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @37f8282   8 years neuromancer mod_proxy support continued Signed-off-by: Dash Shendy … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @33826c5   8 years neuromancer mod_proxy support debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @da8c2fe   8 years neuromancer Debug logging fix up debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @74f798f   8 years neuromancer Added Debug logging and user warning for not spec. DH Params debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @fe42bfb   8 years neuromancer Compilation Warnings Fixup debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @410d216   8 years neuromancer Generate DH params instead of using the static ones debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @b3eb741   8 years neuromancer Removed Obselete static const int protocol_priority[] debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @0cfcbf3   8 years neuromancer Removed DEBUGLOG debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @b7098b2   8 years neuromancer ServerAlias? Directive Fix (For Apache 2.0.x) debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @8581fac   8 years neuromancer Compilation Errors Fixup debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @8764d0d   8 years neuromancer ServerAlias? Directive Fix debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @d2ee1a1   8 years neuromancer Removed obselete function gnutls_certificate_server_set_retrieve_function() debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @cf10d49   8 years neuromancer Added new definition for function cert_retrieve_fn() debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @d0be765   8 years neuromancer Added some comments debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @9180a60   8 years neuromancer Applied New Functions Patch from Nikos debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @9a9bc1e   8 years neuromancer Added fix for unclean shutdowns, we're now ignoring SIGPIPE Signals debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @7c05ed1   8 years neuromancer Fix Compilation Warnings debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @7f1b026   8 years neuromancer Remove Lua Source file debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @e183628   8 years neuromancer Updated Copyright Headers & Formatting debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @6223319   8 years neuromancer Remove More Legacy LUA Code debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @443b18e   8 years neuromancer Remove Legacy LUA Code debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @485d28e   8 years neuromancer Major Legacy Code Cleanup debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @8fffed1   8 years neuromancer Compilation Fixups Signed-off-by: Dash Shendy <neuromancer@…> debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @60cf11c   8 years neuromancer Proxy (TLS termination) patch Signed-off-by: Dash Shendy … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @b4a875b   8 years admin EOC Bucket Infinite Loop Bugfix Signed-off-by: Dash Shendy … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @b59327c   9 years nmav GnuTLSCache can now take a single argument (none). debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @e02dd8c   9 years nmav indented code debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @62def2f   9 years nmav reduced warning level of TLS errors. debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @d8c7cf4   9 years nmav Only allow two options for DB. Berkeley DB and gdbm. The other options … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @771ca63   9 years nmav The GnuTLSCache variable now can be given the specific option "sdbm" … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @7ce01c9   9 years nmav Corrected behavior in Keep-Alive connections (do not terminate the … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @368b574   9 years nmav Safer usage of session variable to prevent segmentation faults on … debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @7fec961   9 years nmav Depend on libgnutls for the activation and expiration time checks. debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @bca274d   9 years nmav Session tickets are enabled by default. debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
(edit) @ae233c2   9 years nmav Added option to turn on/off session tickets. debian/masterdebian/stretch-backportsjessie-backportsmsvaupstream
Note: See TracRevisionLog for help on using the revision log.