Gitiles
Code Review
Sign In
git01.mediatek.com
/
haproxy
/
3fd1973d373363123ee25b995416643fb3a4446b
/
src
/
ssl_sock.c
« Previous
abd3233
MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility.
by Emmanuel Hocdet
· 8 years ago
e1c722b
MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server
by Emmanuel Hocdet
· 8 years ago
50e25e1
MINOR: ssl: show methods supported by openssl
by Emmanuel Hocdet
· 8 years ago
42fb980
MINOR: ssl: support TLSv1.3 for bind and server
by Emmanuel Hocdet
· 8 years ago
b4e9ba4
MEDIUM: ssl: calculate the real min/max TLS version and find holes
by Emmanuel Hocdet
· 8 years ago
5db33cb
MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx
by Emmanuel Hocdet
· 8 years ago
6cb2d1e
MEDIUM: ssl: revert ssl/tls version settings relative to default-server.
by Emmanuel Hocdet
· 8 years ago
53ae85c
MINOR: ssl: add prefer-client-ciphers
by Lukas Tribus
· 8 years ago
fa5c5c8
BUG/MINOR: ssl: fix warnings about methods for opensslv1.1.
by Emeric Brun
· 8 years ago
9a146de
MINOR: server: Make 'default-server' support 'sni' keyword.
by Frédéric Lécaille
· 8 years ago
bcaf1d7
MINOR: server: Make 'default-server' support 'ciphers' keyword.
by Frédéric Lécaille
· 8 years ago
5e57643
MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings.
by Frédéric Lécaille
· 8 years ago
273f321
MINOR: server: Make 'default-server' support 'verifyhost' setting.
by Frédéric Lécaille
· 8 years ago
7c8cd58
MINOR: server: Make 'default-server' support 'verify' keyword.
by Frédéric Lécaille
· 8 years ago
18388c9
CLEANUP: server: code alignement.
by Frédéric Lécaille
· 8 years ago
e892c4c
MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords.
by Frédéric Lécaille
· 8 years ago
e381d76
MINOR: server: Make 'default-server' support 'ssl' keyword.
by Frédéric Lécaille
· 8 years ago
2cfcdbe
MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords.
by Frédéric Lécaille
· 8 years ago
ec16f03
CLEANUP: server: code alignement.
by Frédéric Lécaille
· 8 years ago
9698092
MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords.
by Frédéric Lécaille
· 8 years ago
340ae60
MINOR: server: Make 'default-server' support 'check-ssl' keyword.
by Frédéric Lécaille
· 8 years ago
a52bb15
BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility
by Emmanuel Hocdet
· 8 years ago
8d71049
BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
by Janusz Dziemidowicz
· 8 years ago
e380474
MINOR: ssl: improved cipherlist captures
by Emmanuel Hocdet
· 8 years ago
aaee750
BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls
by Emmanuel Hocdet
· 8 years ago
f6b37c6
BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored.
by Emmanuel Hocdet
· 8 years ago
4608ed9
MEDIUM: ssl: remove ssl-options from crt-list
by Emmanuel Hocdet
· 8 years ago
5bf7732
MEDIUM: ssl: add new sample-fetch which captures the cipherlist
by Thierry FOURNIER
· 8 years ago
cc6c2a2
BUILD: ssl: fix build with -DOPENSSL_NO_DH
by Emmanuel Hocdet
· 8 years ago
4de1ff1
MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation.
by Emmanuel Hocdet
· 8 years ago
d385060
BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
by Emmanuel Hocdet
· 8 years ago
530141f
BUG/MEDIUM: ssl: fix verify/ca-file per certificate
by Emmanuel Hocdet
· 8 years ago
0594211
MEDIUM: boringssl: support native multi-cert selection without bundling
by Emmanuel Hocdet
· 8 years ago
e3cc3a3
BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw()
by Willy Tarreau
· 8 years ago
e3e326d
BUILD: ssl: kill a build warning introduced by BoringSSL compatibility
by Willy Tarreau
· 8 years ago
fdec789
BUILD: ssl: fix to build (again) with boringssl
by Emmanuel Hocdet
· 8 years ago
e7f2b73
MINOR: ssl: add curve suite for ECDHE negotiation
by Emmanuel Hocdet
· 8 years ago
9826329
MAJOR: ssl: bind configuration per certificat
by Emmanuel Hocdet
· 8 years ago
3eb5b3f
MINOR: ssl: don't show prefer-server-ciphers output
by Lukas Tribus
· 8 years ago
405ff31
BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL
by Emmanuel Hocdet
· 8 years ago
b7a4c34
BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
by Emmanuel Hocdet
· 8 years ago
119a408
BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
by Willy Tarreau
· 8 years ago
ef93460
CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c
by Willy Tarreau
· 8 years ago
d1c5750
CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback
by Willy Tarreau
· 8 years ago
17d4538
MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv()
by Willy Tarreau
· 8 years ago
d9f5cca
CLEANUP: connection: unexport raw_sock and ssl_sock
by Willy Tarreau
· 8 years ago
13e1410
MINOR: connection: add a minimal transport layer registration system
by Willy Tarreau
· 8 years ago
795cdab
MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf()
by Willy Tarreau
· 8 years ago
55d3791
MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf()
by Willy Tarreau
· 8 years ago
0320934
MEDIUM: ssl: remote the proxy argument from most functions
by Willy Tarreau
· 8 years ago
71a8c7c
MINOR: listener: move the transport layer pointer to the bind_conf
by Willy Tarreau
· 8 years ago
94ff03a
BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
by Willy Tarreau
· 8 years ago
30fd4bd
BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
by Willy Tarreau
· 8 years ago
14e36a1
MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock
by Willy Tarreau
· 8 years ago
f22e968
MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock
by Willy Tarreau
· 8 years ago
0bea58d
MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock
by Willy Tarreau
· 8 years ago
9ceda38
MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock
by Willy Tarreau
· 8 years ago
8c3b0fd
MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock
by Willy Tarreau
· 8 years ago
c2c0b61
CLEANUP: ssl: use the build options list to report the SSL details
by Willy Tarreau
· 8 years ago
f5f26e8
MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union
by Willy Tarreau
· 8 years ago
578b169
BUILD/MEDIUM: Fixing the build using LibreSSL
by Luca Pizzamiglio
· 8 years ago
3067bfa
BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
by Willy Tarreau
· 8 years ago
30e5e18
CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers
by Willy Tarreau
· 8 years ago
3b6e547
CLEANUP: cli: rename STAT_CLI_* to CLI_ST_*
by Willy Tarreau
· 8 years ago
32af203
REORG: cli: move ssl CLI functions to ssl_sock.c
by William Lallemand
· 8 years ago
8e0bb0a
MINOR: connection: add names for transport and data layers
by Willy Tarreau
· 8 years ago
ff13c06
CLEANUP: ssl: Fix bind keywords name in comments
by Bertrand Jacquin
· 8 years ago
5424ee0
BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP
by Bertrand Jacquin
· 8 years ago
3342309
BUG/MEDIUM: ssl: Store certificate filename in a variable
by Bertrand Jacquin
· 8 years ago
1866d6d
MEDIUM: ssl: Add support for OpenSSL 1.1.0
by Dirkjan Bussink
· 8 years ago
07c3d78
BUG/MINOR: ssl: prevent multiple entries for the same certificate
by Thierry FOURNIER / OZON.IO
· 8 years ago
7a3bd3b
BUG/MINOR: ssl: Check malloc return code
by Thierry FOURNIER / OZON.IO
· 8 years ago
d44ea3f
BUILD/CLEANUP: ssl: Check BIO_reset() return code
by Thierry FOURNIER / OZON.IO
· 8 years ago
8b068c2
MINOR: ssl: add debug traces
by Thierry FOURNIER / OZON.IO
· 8 years ago
c7e1263
BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
by Remi Gacogne
· 8 years ago
90fd35c
Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
by Willy Tarreau
· 8 years ago
16aa015
BUG/MINOR: ssl: close ssl key file on error
by mildis
· 8 years ago
24b892f
BUILD: ssl: fix typo causing a build failure in the multicert patch
by Willy Tarreau
· 8 years ago
5e0e6e4
MINOR: ssl: crt-list parsing factor
by Emmanuel Hocdet
· 8 years ago
d294aea
MEDIUM: ssl: support SNI filters with multicerts
by Emmanuel Hocdet
· 8 years ago
0ea4c23
BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
by Roberto Guimaraes
· 8 years ago
bb137a8
BUG/MEDIUM: ssl: rewind the BIO when reading certificates
by Willy Tarreau
· 9 years ago
02779b6
CLEANUP: uniformize last argument of malloc/calloc
by Vincent Bernat
· 9 years ago
3c2f2f2
CLEANUP: remove unneeded casts
by Vincent Bernat
· 9 years ago
1789115
BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
by Nenad Merdanovic
· 9 years ago
e237fe1
BUG/MINOR: ssl: fix usage of the various sample fetch functions
by Willy Tarreau
· 9 years ago
be508f1
BUG/MAJOR: samples: check smp->strm before using it
by Willy Tarreau
· 9 years ago
23d19d6
BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword
by Cyril Bonté
· 9 years ago
3724da1
BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
by Willy Tarreau
· 9 years ago
bef6091
BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
by Marcoen Hirschberg
· 9 years ago
635c0ad
BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates
by Christopher Faulet
· 9 years ago
30da7ad
BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2
by Willy Tarreau
· 9 years ago
be2774d
MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling
by yanbzhu
· 9 years ago
63ea846
MEDIUM: ssl: Added multi cert support for loading crt directories
by yanbzhu
· 9 years ago
1b04e5b
MINOR: ssl: Added multi cert support for crt-list config keyword
by yanbzhu
· 9 years ago
08ce6ab
MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs
by yanbzhu
· 9 years ago
488a4d2
MINOR: ssl: Added cert_key_and_chain struct
by yanbzhu
· 9 years ago
54ffb91
BUILD: check for libressl to be able to build against it
by Daniel Jakots
· 9 years ago
e7db216
BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0
by Christopher Faulet
· 9 years ago
2f63ef4
BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled
by Willy Tarreau
· 9 years ago
Next »