Timeline


and

Jun 16, 2016:

6:49 PM Changeset in mod_gnutls [78b75b3]debianupstream by Thomas Klute <thomas2.klute@…>
Restore GnuTLSOCSPResponseFile option Using an externally updated …
6:47 PM Changeset in mod_gnutls [a784735]debianupstream by Thomas Klute <thomas2.klute@…>
Test 27_OCSP_server: Check if gnutls-cli received a stapled OCSP response
6:47 PM Changeset in mod_gnutls [4d4a406]debianupstream by Thomas Klute <thomas2.klute@…>
New config option: GnuTLSOCSPStapling This flag option …
3:37 PM Changeset in mod_gnutls [70d014b]debianupstream by Thomas Klute <thomas2.klute@…>
Remove FIXME comment about releasing config structures: Done!
2:32 PM Changeset in mod_gnutls [b8700b0]debianupstream by Thomas Klute <thomas2.klute@…>
Deinit proxy credentials on config pool cleanup
2:28 PM Changeset in mod_gnutls [02eabe7]debianupstream by Thomas Klute <thomas2.klute@…>
TLS Proxy: Fix memory leak while logging certificate status The …
4:36 AM Changeset in mod_gnutls [f265001]debianupstream by Thomas Klute <thomas2.klute@…>
Bind temporary pool in load_proxy_x509_credentials() to ptemp scope …

Jun 15, 2016:

7:32 PM Changeset in mod_gnutls [7e7d328]debianupstream by Thomas Klute <thomas2.klute@…>
Deinit PGP certificate on config pool cleanup
7:27 PM Changeset in mod_gnutls [44e8944]debianupstream by Thomas Klute <thomas2.klute@…>
Allocate memory for X.509 and PGP certificates only when needed
6:12 PM Changeset in mod_gnutls [eee1432]debianupstream by Thomas Klute <thomas2.klute@…>
Bind temporary pool in mgs_load_files() to ptemp scope Pool 'spool' …
6:02 PM Changeset in mod_gnutls [45b7b83]debianupstream by Thomas Klute <thomas2.klute@…>
Deinit PGP private key and keyring on config pool cleanup
2:20 PM Changeset in mod_gnutls [db9ef68]debianupstream by Thomas Klute <thomas2.klute@…>
Deinit client CA list on config pool cleanup
1:32 PM Changeset in mod_gnutls [81433f1]debianupstream by Thomas Klute <thomas2.klute@…>
Reformat mgs_load_files() This commit changes only whitespace and …
1:32 PM Changeset in mod_gnutls [e2ba939]debianupstream by Thomas Klute <thomas2.klute@…>
Prevent memory leaks in post_conf hook Valgrind indicated memory …

Jun 14, 2016:

6:41 PM Changeset in mod_gnutls [317b569]debianupstream by Thomas Klute <thomas2.klute@…>
Make the response validity period of the test responder configurable
4:57 PM Changeset in mod_gnutls [894efd0]debianupstream by Thomas Klute <thomas2.klute@…>
Check OCSP response nonce
3:38 PM Changeset in mod_gnutls [82745d1]debianupstream by Thomas Klute <thomas2.klute@…>
Fix memory usage issues * Use-after-free of the OCSP request in …
2:40 PM Changeset in mod_gnutls [16ad0eb]debianupstream by Thomas Klute <thomas2.klute@…>
Perform OCSP request over HTTP Finally the whole stack is there! …

Jun 13, 2016:

1:32 AM Changeset in mod_gnutls [04addef]debianupstream by Thomas Klute <thomas2.klute@…>
Test suite: Always lock authority PGP keyring I've occasionally …

Jun 11, 2016:

7:03 PM Changeset in mod_gnutls [0831437]debianupstream by Thomas Klute <thomas2.klute@…>
Clarify the purpose of mgs_time2sz() I've renamed the CTIME macro to …
4:44 PM Changeset in mod_gnutls [47a909e]debianupstream by Thomas Klute <thomas2.klute@…>
Create OCSP requests when updating the cached response Actually …
8:20 AM Changeset in mod_gnutls [6c44ed2]debianupstream by Thomas Klute <thomas2.klute@…>
Test suite: Explicitly link gen_ocsp_index against libgnutls This is …

Jun 10, 2016:

8:26 PM Changeset in mod_gnutls [a372379]debianupstream by Thomas Klute <thomas2.klute@…>
Store server certificate fingerprint in OCSP config It's not like …
8:19 PM Changeset in mod_gnutls [cc74801]debianupstream by Thomas Klute <thomas2.klute@…>
Move generated vhost-wide OCSP config into a private structure
8:06 PM Changeset in mod_gnutls [6b89353]debianupstream by Thomas Klute <thomas2.klute@…>
Remove Lua bytecode variables from directory config structure The …
7:39 PM Changeset in mod_gnutls [5559aa6]debianupstream by Thomas Klute <thomas2.klute@…>
Rely on cache for OCSP response expiration With fixed DBM cache …
7:30 PM Changeset in mod_gnutls [11e6205]debianupstream by Thomas Klute <thomas2.klute@…>
dbm_cache_fetch(): Clear data size on allocation failure Memory …
3:14 PM Changeset in mod_gnutls [b2e6406]debianupstream by Thomas Klute <thomas2.klute@…>
Safe integer type conversion in mgs_filter_input() Read sizes should …
12:46 PM Changeset in mod_gnutls [15b22cb]debianupstream by Thomas Klute <thomas2.klute@…>
Allow compiling with clang Needs just a minimal workaround for an …
9:34 AM Changeset in mod_gnutls [d6834e0]debianupstream by Thomas Klute <thomas2.klute@…>
OCSP refresh mutex: Prevent parallel requests Add a global mutex …
4:16 AM Changeset in mod_gnutls [aa68232]debianupstream by Thomas Klute <thomas2.klute@…>
Move global cache mutex into the private cache struct

Jun 9, 2016:

7:52 PM Changeset in mod_gnutls [e809fb3]debianupstream by Thomas Klute <thomas2.klute@…>
Use generic cache functions for OCSP response caching With this, OCSP …
7:09 PM Changeset in mod_gnutls [3e22b82]debianupstream by Thomas Klute <thomas2.klute@…>
Add generic store/fetch support to the memcached cache Required to …
5:08 PM Changeset in mod_gnutls [70a1e5a]debianupstream by Thomas Klute <thomas2.klute@…>
Introduce OCSP caching grace time A cached OCSP response must be …
2:50 PM Changeset in mod_gnutls [f450ac9]debianupstream by Thomas Klute <thomas2.klute@…>
Replace mgs_session_id2sz() with apr_(p?)escape_hex() There's no need …
12:33 PM Changeset in mod_gnutls [d18afb8]debianupstream by Thomas Klute <thomas2.klute@…>
Ensure that dbm_cache_fetch() does not return expired data The cache …

Jun 8, 2016:

5:58 PM Changeset in mod_gnutls [c6572ec]debianupstream by Thomas Klute <thomas2.klute@…>
Apply default cache timeout to OCSP responses without nextUpdate
5:24 PM Changeset in mod_gnutls [c55902b]debianupstream by Thomas Klute <thomas2.klute@…>
Trigger cache expiration on fetch, small restructuring In a situation …
3:31 PM Changeset in mod_gnutls [c005645]debianupstream by Thomas Klute <thomas2.klute@…>
Mutex for DBM cache access I noticed that with a DBM cache enabled …
11:58 AM Changeset in mod_gnutls [9c6ffe1]jessie-backports by Daniel Kahn Gillmor <dkg@…>
rebuilding for jessie-backports

Jun 5, 2016:

3:42 PM Changeset in mod_gnutls [eb63377]debianupstream by Thomas Klute <thomas2.klute@…>
Check only expiration time for OCSP responses from cache Responses …
3:42 PM Changeset in mod_gnutls [366d1a1]debianupstream by Thomas Klute <thomas2.klute@…>
Use nextUpdate field of OCSP response to set cache lifetime
3:42 PM Changeset in mod_gnutls [08817d0]debianupstream by Thomas Klute <thomas2.klute@…>
Check OCSP response before caching Only verified responses should be …
3:42 PM Changeset in mod_gnutls [368e581]debianupstream by Thomas Klute <thomas2.klute@…>
Update OCSP response cache only if response is missing or invalid …
3:42 PM Changeset in mod_gnutls [4bf4ce2]debianupstream by Thomas Klute <thomas2.klute@…>
Use GCC builtins to catch overflows with mixed integer types …
3:42 PM Changeset in mod_gnutls [6b4136c]debianupstream by Thomas Klute <thomas2.klute@…>
Store OCSP responses in DBM cache before use This is not proper …
3:42 PM Changeset in mod_gnutls [2f932fa]debianupstream by Thomas Klute <thomas2.klute@…>
Use gnutls_datum_t to pass DBM keys for GnuTLS sessions The APR …
3:42 PM Changeset in mod_gnutls [6814e48]debianupstream by Thomas Klute <thomas2.klute@…>
Explain the different signatures of the dbm_cache functions
3:42 PM Changeset in mod_gnutls [15245bf]debianupstream by Thomas Klute <thomas2.klute@…>
Split dbm_cache_fetch() in generic and GnuTLS session specific parts …
3:42 PM Changeset in mod_gnutls [1d1361f]debianupstream by Thomas Klute <thomas2.klute@…>
Make dbm_cache_store() work outside connection context
3:42 PM Changeset in mod_gnutls [ae08186]debianupstream by Thomas Klute <thomas2.klute@…>
DBM cache: Separate session caching and generic store operation
3:42 PM Changeset in mod_gnutls [f785704]debianupstream by Thomas Klute <thomas2.klute@…>
Make dbm_cache_expire() work outside connection context DBM cache …

Jun 3, 2016:

6:49 PM Changeset in mod_gnutls [04e6e65]debianupstream by Thomas Klute <thomas2.klute@…>
Move declarations of cache-related functions to a dedicated header …
3:33 PM Changeset in mod_gnutls [379a297]debianupstream by Thomas Klute <thomas2.klute@…>
Remove code used only with GnuTLS 2.x
3:09 PM Changeset in mod_gnutls [7511bfa]debianupstream by Thomas Klute <thomas2.klute@…>
Use ap_log_cerror() instead of ap_log_error() where reasonable …
3:01 PM Changeset in mod_gnutls [8913410]debianupstream by Thomas Klute <thomas2.klute@…>
Update copyright headers
2:31 PM Changeset in mod_gnutls [c3ad933]debianupstream by Thomas Klute <thomas2.klute@…>
Remove stale support code for Apache versions before 2.2
10:08 AM Changeset in mod_gnutls [fd6bb19]debianupstream by Thomas Klute <thomas2.klute@…>
Extract OCSP access URI from the server certificate

Jun 1, 2016:

1:01 PM Changeset in mod_gnutls [4ae7810]debianupstream by Thomas Klute <thomas2.klute@…>
Log port along with hostname if OCSP trust list initialization fails
12:41 PM Changeset in mod_gnutls [68ce93c]debianupstream by Thomas Klute <thomas2.klute@…>
Rearrange mgs_get_ocsp_response() for readability
12:20 PM Changeset in mod_gnutls [fad7695]debianupstream by Thomas Klute <thomas2.klute@…>
Store OCSP trust list in server config This avoids recreating the …
9:48 AM Changeset in mod_gnutls [baa4ed5]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
prepare release
9:47 AM Changeset in mod_gnutls [7d61199]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
improve build-depends for nocheck scenario
9:46 AM Changeset in mod_gnutls [c9196cf]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
wrap-and-sort
9:45 AM Changeset in mod_gnutls [6afa7b9]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
ensure build-deps work where pandoc does not exist

May 31, 2016:

6:00 PM Changeset in mod_gnutls [64856fd]debianupstream by Thomas Klute <thomas2.klute@…>
Get rid of exit(-1) calls in mgs_hook_post_config() This allows the …
2:45 PM Changeset in mod_gnutls [c6c3357]pristine-tar by Daniel Kahn Gillmor <dkg@…>
pristine-tar data for mod-gnutls_0.7.5.orig.tar.bz2
2:42 PM Changeset in mod_gnutls [2c81c36]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
prepare changelog for new release
2:42 PM Changeset in mod_gnutls [e12b9b6]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
no need to adjust name of mod_gnutls.so after upstream fix
2:09 PM Changeset in mod_gnutls [96fc9d9]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
drop patches applied upstream
2:09 PM Changeset in mod_gnutls [855b295]debianjessie-backports by Daniel Kahn Gillmor <dkg@…>
Merge tag 'upstream/0.7.5' into debian Upstream version 0.7.5
2:09 PM Changeset in mod_gnutls [ce12806]debianjessie-backportsupstream by Daniel Kahn Gillmor <dkg@…>
Imported Upstream version 0.7.5
1:12 PM Changeset in mod_gnutls [2a1ffd6]debianupstream by Thomas Klute <thomas2.klute@…>
Move trust list generation for OCSP to a separate function The new …

May 30, 2016:

5:21 PM Changeset in mod_gnutls [d35b98e]debianupstream by Thomas Klute <thomas2.klute@…>
Check OCSP response and staple it only if good
4:18 PM Changeset in mod_gnutls [c05780e]debianupstream by Thomas Klute <thomas2.klute@…>
Proper runtests integration Test fails if runtests failed, avoid …
4:06 PM Changeset in mod_gnutls [4cc1edc]debianupstream by Thomas Klute <thomas2.klute@…>
Remove pointless <If> from test server config Apparently <If> is …
4:03 PM Changeset in mod_gnutls [20f8e99]debianupstream by Thomas Klute <thomas2.klute@…>
Provide full certificate chain to the server The server will need CA …

May 29, 2016:

6:06 PM Changeset in mod_gnutls [94cb972]debianupstream by Thomas Klute <thomas2.klute@…>
Minimal OCSP stapling implementation using externally provided …
3:38 PM Changeset in mod_gnutls [b674e95]debianupstream by Thomas Klute <thomas2.klute@…>
Merge version 0.7.5 into ocsp branch

May 28, 2016:

9:57 AM Ticket #136 (Infinite loop while cleaning up GnuTLS session) closed by http://gtlsbug.livejournal.com/
fixed: This is now fixed in 0.7.5.
8:05 AM Changeset in mod_gnutls [086cea9]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Release version 0.7.5

May 27, 2016:

8:33 PM Changeset in mod_gnutls [2b80754]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Delete target files before exporting PGP certificates GnuPG promts or …
8:12 PM Changeset in mod_gnutls [9e56602]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Check for write errors in pgpcrc.c to get rid of build warning
8:12 PM Changeset in mod_gnutls [42829ae]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Build pgpcrc through Automake, clean new GnuPG privkey files & directories
8:12 PM Changeset in mod_gnutls [298dc66]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
use --outfile instead of stdio redirection This way, when a command …
8:12 PM Changeset in mod_gnutls [d70dd6e]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
ensure cleanup of gpg v2.1 keyrings as well depending on the version …
4:07 PM Changeset in mod_gnutls [0bda20f]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Make "make distcheck" work This requires strict DIST/DISTCLEAN lists …
2:56 PM Changeset in mod_gnutls [eb34ac4]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Let Automake handle module installation Using a custom pkglib …
1:03 PM Changeset in mod_gnutls [eda8686]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Disable building static libraries Only the dynamic library is used by …
12:26 PM Changeset in mod_gnutls [19f2719]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Update comments and formating in push/pull functions
12:11 PM Changeset in mod_gnutls [a9fa300]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Set GnuTLS session errno on all error paths in mgs_transport_read()

May 26, 2016:

6:00 PM Changeset in mod_gnutls [6868585]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Remove unnecessary session pointer check The transport functions are …
5:09 PM Changeset in mod_gnutls [be41ee4]debianjessie-backportsupstream by Thomas Klute <thomas2.klute@…>
Set GnuTLS session errno on errors in mgs_transport_write() Sunil …

May 23, 2016:

5:08 PM Changeset in mod_gnutls [efe884e]debianupstream by Thomas Klute <thomas2.klute@…>
Skip OCSP test with incompatible GnuTLS versions Please see the …
5:08 PM Changeset in mod_gnutls [c4d6e77]debianupstream by Thomas Klute <thomas2.klute@…>
Test suite: New test case for simple HTTPS access with OCSP status check
2:02 AM Changeset in mod_gnutls [9e309ae]debianupstream by Thomas Klute <thomas2.klute@…>
Merge version 0.7.4 into ocsp

May 21, 2016:

8:16 AM Ticket #136 (Infinite loop while cleaning up GnuTLS session) created by http://gtlsbug.livejournal.com/
I noticed that some apache2 processes take 100% CPU after a few …
Note: See TracTimeline for information about the timeline view.