Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 07a718e7125fbc01f71d7712717cce66e09b9200 / src / ssl_sock.c
  1. 4dd145a BUG/MINOR: ssl: clear the SSL errors on DH loading failure by William Lallemand · Wed Feb 05 11:46:33 2020 +0100
  2. 731248f BUG/MINOR: ssl: we may only ignore the first 64 errors by Willy Tarreau · Tue Feb 04 14:02:02 2020 +0100
  3. 3af48e7 MINOR: ssl: ssl-load-extra-files configure loading of files by William Lallemand · Mon Feb 03 17:15:52 2020 +0100
  4. a25a19f BUG/MINOR: ssl/cli: fix unused variable with openssl < 1.0.2 by William Lallemand · Wed Jan 29 00:04:24 2020 +0100
  5. efe5e8e BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure. by Olivier Houchard · Fri Jan 24 15:17:38 2020 +0100
  6. 6d53cd6 MINOR: ssl: Remove dead code. by Olivier Houchard · Fri Jan 24 15:13:57 2020 +0100
  7. 3139c1b BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer. by Frédéric Lécaille · Fri Jan 24 14:56:18 2020 +0100
  8. 911db9b MEDIUM: connection: use CO_FL_WAIT_XPRT more consistently than L4/L6/HANDSHAKE by Willy Tarreau · Thu Jan 23 16:27:54 2020 +0100
  9. 4450b58 MINOR: connection: remove CO_FL_SSL_WAIT_HS from CO_FL_HANDSHAKE by Willy Tarreau · Thu Jan 23 15:23:13 2020 +0100
  10. 220a26c BUG/MEDIUM: 0rtt: Only consider the SSL handshake. by Olivier Houchard · Thu Jan 23 14:57:36 2020 +0100
  11. c192b0a MEDIUM: connection: remove CO_FL_CONNECTED and only rely on CO_FL_WAIT_* by Willy Tarreau · Thu Jan 23 09:11:58 2020 +0100
  12. 078156d BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert" by Emmanuel Hocdet · Wed Jan 22 17:02:53 2020 +0100
  13. dad239d BUG/MINOR: ssl: typo in previous patch by William Lallemand · Thu Jan 23 11:59:02 2020 +0100
  14. 5c3c96f BUG/MINOR: ssl: memory leak w/ the ocsp_issuer by William Lallemand · Thu Jan 23 11:53:13 2020 +0100
  15. b829dda BUG/MINOR: ssl: increment issuer refcount if in chain by William Lallemand · Thu Jan 23 11:42:52 2020 +0100
  16. 75b15f7 BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded by William Lallemand · Thu Jan 23 10:56:05 2020 +0100
  17. 477902b MEDIUM: connections: Get ride of the xprt_done callback. by Olivier Houchard · Wed Jan 22 18:08:48 2020 +0100
  18. 6b5b44e BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent by Emmanuel Hocdet · Fri Dec 20 17:47:12 2019 +0100
  19. e9ff899 BUILD: ssl: more elegant anti-replay feature presence check by Ilya Shipitsin · Sun Jan 19 12:20:14 2020 +0500
  20. 224a087 BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak by Emmanuel Hocdet · Thu Jan 16 15:15:49 2020 +0100
  21. eb73dc3 BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak by Emmanuel Hocdet · Thu Jan 16 14:45:00 2020 +0100
  22. 0667fae BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak by Emmanuel Hocdet · Thu Jan 16 14:41:36 2020 +0100
  23. ebf840b MINOR: ssl: accept 'verify' bind option with 'set ssl cert' by Emmanuel Hocdet · Mon Jan 20 17:18:00 2020 +0100
  24. 71f8297 MINOR: ssl: Add support for returning the dn samples from ssl_(c|f)_(i|s)_dn in LDAP v3 (RFC2253) format. by Elliot Otchet · Wed Jan 15 08:12:14 2020 -0500
  25. ee1a6fc MINOR: connection: make the last arg of subscribe() a struct wait_event* by Willy Tarreau · Fri Jan 17 07:52:13 2020 +0100
  26. 113d52b MEDIUM: ssl: merge recv_wait and send_wait in ssl_sock by Willy Tarreau · Fri Jan 10 09:20:26 2020 +0100
  27. 3381bf8 MEDIUM: connection: get rid of CO_FL_CURR_* flags by Willy Tarreau · Fri Jan 17 17:39:35 2020 +0100
  28. 9a8ef7f CLEANUP: ssl: remove opendir call in ssl_sock_load_cert by William Dauchy · Mon Jan 13 17:52:49 2020 +0100
  29. 7f4f7f1 MINOR: ssl: Remove unused variable "need_out". by Olivier Houchard · Sun Jan 05 16:45:14 2020 +0100
  30. a26d1e1 BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility by Lukas Tribus · Fri Dec 20 18:47:18 2019 +0100
  31. 54907bb BUG/MEDIUM: ssl: Revamp the way early data are handled. by Olivier Houchard · Thu Dec 19 15:02:39 2019 +0100
  32. ba22e90 BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2 by William Lallemand · Wed Dec 18 20:36:01 2019 +0100
  33. d4f946c MINOR: ssl/cli: 'show ssl cert' give information on the certificates by William Lallemand · Thu Dec 05 10:26:40 2019 +0100
  34. 545989f BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. by Olivier Houchard · Tue Dec 17 15:39:54 2019 +0100
  35. 3777e3a BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 by Emmanuel Hocdet · Wed Nov 06 16:05:34 2019 +0100
  36. 920b035 BUG/MINOR: ssl/cli: don't overwrite the filters variable by William Lallemand · Wed Dec 04 15:33:01 2019 +0100
  37. 230662a BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights by William Lallemand · Tue Dec 03 13:32:54 2019 +0100
  38. 140b64f BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2 by Emmanuel Hocdet · Thu Oct 24 18:33:10 2019 +0200
  39. b270e81 MINOR: ssl: deduplicate crl-file by Emmanuel Hocdet · Thu Nov 21 19:09:31 2019 +0100
  40. 129d328 MINOR: ssl: compute ca-list from deduplicate ca-file by Emmanuel Hocdet · Thu Oct 24 18:08:51 2019 +0200
  41. d4f9a60 MINOR: ssl: deduplicate ca-file by Emmanuel Hocdet · Thu Oct 24 11:32:47 2019 +0200
  42. 9312853 CLEANUP: ssl: Clean up error handling by Tim Duesterhus · Sat Nov 23 23:45:10 2019 +0100
  43. c8bb153 CLEANUP: ssl: check if a transaction exists once before setting it by William Dauchy · Sun Nov 24 15:04:20 2019 +0100
  44. c0e820c BUG/MINOR: ssl: Stop passing dynamic strings as format arguments by Tim Duesterhus · Sat Nov 23 23:52:30 2019 +0100
  45. d14b49c BUG/MINOR: ssl: fix curve setup with LibreSSL by Lukas Tribus · Sun Nov 24 18:20:40 2019 +0100
  46. 5f1fa7d MINOR: ssl: fix possible null dereference in error handling by William Dauchy · Sat Nov 23 21:14:33 2019 +0100
  47. ed44243 MINOR: ssl/cli: display warning during 'commit ssl cert' by William Lallemand · Thu Nov 21 16:41:07 2019 +0100
  48. 8ef0c2a MEDIUM: ssl/cli: apply SSL configuration on SSL_CTX during commit by William Lallemand · Thu Nov 21 16:30:34 2019 +0100
  49. 8b45391 MINOR: ssl: ssl_sock_prepare_ctx() return an error code by William Lallemand · Thu Nov 21 15:48:10 2019 +0100
  50. 3c8bde8 BUILD/MINOR: ssl: fix compiler warning about useless statement by Eric Salama · Wed Nov 20 11:33:40 2019 +0100
  51. 0bc9c8a MINOR: ssl/cli: 'abort ssl cert' deletes an on-going transaction by William Lallemand · Tue Nov 19 15:51:51 2019 +0100
  52. c5fdf0f BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 by Emmanuel Hocdet · Mon Nov 04 15:49:46 2019 +0100
  53. c3775d2 BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer by Emmanuel Hocdet · Mon Nov 04 18:19:32 2019 +0100
  54. 21724f0 MINOR: ssl/cli: replace the default_ctx during 'commit ssl cert' by William Lallemand · Mon Nov 04 17:56:13 2019 +0100
  55. 3246d94 BUG/MINOR: ssl/cli: fix an error when a file is not found by William Lallemand · Mon Nov 04 14:02:11 2019 +0100
  56. 37031b8 BUG/MINOR: ssl/cli: unable to update a certificate without bundle extension by William Lallemand · Mon Nov 04 13:38:53 2019 +0100
  57. 8a7fdf0 BUG/MEDIUM: ssl/cli: don't alloc path when cert not found by William Lallemand · Mon Nov 04 10:59:32 2019 +0100
  58. 40f2f1e BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert by Emmanuel Hocdet · Wed Oct 30 17:31:28 2019 +0100
  59. eaad5cc MINOR: ssl: BoringSSL ocsp_response does not need issuer by Emmanuel Hocdet · Fri Oct 25 12:19:00 2019 +0200
  60. 83cbd3c BUG/MINOR: ssl: double free on error for ckch->{key,cert} by Emmanuel Hocdet · Fri Oct 25 11:55:03 2019 +0200
  61. ed17f47 BUG/MINOR: ssl: ckch->chain must be initialized by Emmanuel Hocdet · Thu Oct 24 18:28:33 2019 +0200
  62. f6ac4fa BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl by Emmanuel Hocdet · Wed Oct 30 17:41:27 2019 +0100
  63. 33cc76f BUG/MINOR: ssl/cli: check trash allocation in cli_io_handler_commit_cert() by William Lallemand · Thu Oct 31 11:43:45 2019 +0100
  64. beea2a4 CLEANUP: ssl/cli: remove leftovers of bundle/certs (it < 2) by William Lallemand · Wed Oct 30 17:45:33 2019 +0100
  65. bc6ca7c MINOR: ssl/cli: rework 'set ssl cert' as 'set/commit' by William Lallemand · Tue Oct 29 23:48:19 2019 +0100
  66. 0580052 BUILD/MINOR: ssl: shut up a build warning about format truncation by Willy Tarreau · Tue Oct 29 10:48:50 2019 +0100
  67. 430413e MINOR: ssl/cli: rework the 'set ssl cert' IO handler by William Lallemand · Mon Oct 28 14:30:47 2019 +0100
  68. 1212db4 BUG/MINOR: ssl/cli: cleanup on cli_parse_set_cert error by William Lallemand · Mon Oct 28 14:26:56 2019 +0100
  69. f29cdef BUG/MINOR: ssl/cli: out of bounds when built without ocsp/sctl by William Lallemand · Wed Oct 23 15:00:52 2019 +0200
  70. 541a534 BUG/MINOR: ssl/cli: fix build of SCTL and OCSP by William Lallemand · Wed Oct 23 14:11:54 2019 +0200
  71. 8f840d7 MEDIUM: cli/ssl: handle the creation of SSL_CTX in an IO handler by William Lallemand · Wed Oct 23 10:53:05 2019 +0200
  72. 0c3b7d9 MINOR: ssl/cli: assignate a new ckch_store by William Lallemand · Fri Oct 18 11:27:07 2019 +0200
  73. 8c1cdde MINOR: ssl: new functions duplicate and free a ckch_store by William Lallemand · Fri Oct 18 10:58:14 2019 +0200
  74. 8d0f893 MINOR: ssl: copy a ckch from src to dst by William Lallemand · Thu Oct 17 18:03:58 2019 +0200
  75. 455af50 MINOR: ssl: update ssl_sock_free_cert_key_and_chain_contents by William Lallemand · Thu Oct 17 18:04:45 2019 +0200
  76. 44b3532 MINOR: ssl/cli: update ocsp/issuer/sctl file from the CLI by William Lallemand · Thu Oct 17 16:28:40 2019 +0200
  77. 849eed6 BUG/MINOR: ssl/cli: fix looking up for a bundle by William Lallemand · Thu Oct 17 16:23:50 2019 +0200
  78. 96a9c97 MINOR: ssl: split ssl_sock_load_crt_file_into_ckch() by William Lallemand · Thu Oct 17 11:56:17 2019 +0200
  79. f9568fc MINOR: ssl: load issuer from file or from buffer by William Lallemand · Wed Oct 16 18:27:58 2019 +0200
  80. 0dfae6c MINOR: ssl: load sctl from buf OR from a file by William Lallemand · Wed Oct 16 18:06:58 2019 +0200
  81. 3b5f360 MINOR: ssl: OCSP functions can load from file or buffer by William Lallemand · Wed Oct 16 18:05:05 2019 +0200
  82. 0201047 CLEANUP: ssl: fix SNI/CKCH lock labels by William Lallemand · Fri Oct 18 11:02:19 2019 +0200
  83. 34779c3 CLEANUP: ssl: remove old TODO commentary by William Lallemand · Tue Oct 15 22:01:54 2019 +0200
  84. eb46965 BUG/MINOR: ssl: fix memcpy overlap without consequences. by Emeric Brun · Tue Oct 08 18:27:37 2019 +0200
  85. e566f3d BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed by Christopher Faulet · Mon Oct 21 09:55:49 2019 +0200
  86. a9363eb BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1 by Emeric Brun · Thu Oct 17 14:53:03 2019 +0200
  87. 7a88336 CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn by Emeric Brun · Thu Oct 17 13:27:40 2019 +0200
  88. a96b582 CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn by Emeric Brun · Thu Oct 17 13:25:14 2019 +0200
  89. 054563d CLEANUP: ssl: make ckch_inst_new_load_(multi_)store handle errcode/warn by Emeric Brun · Thu Oct 17 13:16:58 2019 +0200
  90. f69ed1d CLEANUP: ssl: make cli_parse_set_cert handle errcode and warnings. by Emeric Brun · Thu Oct 17 11:56:56 2019 +0200
  91. 8c5414a CLEANUP: ssl: make ssl_sock_load_ckchs() return a set of ERR_* by Willy Tarreau · Wed Oct 16 17:06:25 2019 +0200
  92. bbc9196 CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes by Willy Tarreau · Wed Oct 16 16:42:19 2019 +0200
  93. e0f48ae BUG/MINOR: ssl: can't load ocsp files by William Lallemand · Tue Oct 15 13:44:57 2019 +0200
  94. 786188f BUG/MINOR: ssl: fix error messages for OCSP loading by William Lallemand · Tue Oct 15 10:05:37 2019 +0200
  95. 4a66013 BUG/MINOR: ssl: fix OCSP build with BoringSSL by William Lallemand · Mon Oct 14 14:51:41 2019 +0200
  96. 104a7a6 BUILD: ssl: wrong #ifdef for SSL engines code by William Lallemand · Mon Oct 14 14:14:59 2019 +0200
  97. 963b2e7 BUG/MINOR: ssl: fix build without multi-cert bundles by William Lallemand · Mon Oct 14 11:38:36 2019 +0200
  98. e15029b BUG/MEDIUM: ssl: NULL dereference in ssl_sock_load_cert_sni() by William Lallemand · Mon Oct 14 10:46:58 2019 +0200
  99. 246c024 MINOR: ssl: load the ocsp in/from the ckch by William Lallemand · Fri Oct 11 08:59:13 2019 +0200
  100. a17f411 MINOR: ssl: load the sctl in/from the ckch by William Lallemand · Thu Oct 10 15:16:44 2019 +0200