Gitiles
Code Review
Sign In
git01.mediatek.com
/
haproxy
/
4ba494ca1bee297dde82f0fde546621bb5e1ce30
/
src
/
ssl_sock.c
« Previous
85b5a1a
MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates
by Christopher Faulet
· 9 years ago
7969a33
MINOR: ssl: Add support for EC for the CA used to sign generated certificates
by Christopher Faulet
· 9 years ago
c6f02fb
MINOR: ssl: Read the file used to generate certificates in any order
by Christopher Faulet
· 9 years ago
a84c267
BUILD: ssl: fix build error introduced by recent commit
by Willy Tarreau
· 9 years ago
77fe80c
MINOR: ssl: Release Servers SSL context when HAProxy is shut down
by Christopher Faulet
· 9 years ago
d2cab92
BUG/MINOR: ssl: fix management of the cache where forged certificates are stored
by Christopher Faulet
· 9 years ago
bc96534
DOC: ssl: missing LF
by Thierry FOURNIER
· 9 years ago
136f9d3
MINOR: samples: rename union from "data" to "u"
by Thierry FOURNIER
· 9 years ago
8c542ca
MEDIUM: samples: Use the "struct sample_data" in the "struct sample"
by Thierry FOURNIER
· 9 years ago
cc79b00
BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command
by Pradeep Jindal
· 9 years ago
17c3f62
BUILD: ssl: Allow building against libssl without SSLv3.
by Jérémie Courrèges-Anglas
· 9 years ago
bf65cd4
MAJOR: arg: converts uint and sint in sint
by Thierry FOURNIER
· 9 years ago
07ee64e
MAJOR: sample: converts uint and sint in 64 bits signed integer
by Thierry FOURNIER
· 9 years ago
732eac4
MEDIUM: ssl: add sni support on the server lines
by Willy Tarreau
· 9 years ago
6307641
MINOR: ssl: provide ia function to set the SNI extension on a connection
by Willy Tarreau
· 9 years ago
fc017fe
CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial()
by Willy Tarreau
· 9 years ago
646b864
CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const
by Willy Tarreau
· 9 years ago
f672145
MINOR: ssl: make self-generated certs also work with raw IPv6 addresses
by Willy Tarreau
· 9 years ago
745d412
BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
by Willy Tarreau
· 9 years ago
c8ad3be
BUILD: ssl: fix recent build breakage on older SSL libs
by Willy Tarreau
· 9 years ago
3054880
MINOR: ssl: Export functions to manipulate generated certificates
by Christopher Faulet
· 9 years ago
31af49d
MEDIUM: ssl: Add options to forge SSL certificates
by Christopher Faulet
· 9 years ago
d3a341a
MEDIUM: ssl: replace standards DH groups with custom ones
by Remi Gacogne
· 9 years ago
47783ef
MEDIUM: ssl: add the possibility to use a global DH parameters file
by Remi Gacogne
· 9 years ago
d3a23c3
MINOR: ssl: add a destructor to free allocated SSL ressources
by Remi Gacogne
· 9 years ago
4f902b8
BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
by Remi Gacogne
· 9 years ago
26ea822
MINOR: Add sample fetch which identifies if the SSL session has been resumed
by Nenad Merdanovic
· 10 years ago
200b0fa
MEDIUM: Add support for updating TLS ticket keys via socket
by Nenad Merdanovic
· 10 years ago
146defa
MINOR: Add TLS ticket keys reference and use it in the listener struct
by Nenad Merdanovic
· 10 years ago
e26bf05
BUILD/MINOR: ssl: fix build failure introduced by recent patch
by Willy Tarreau
· 10 years ago
0786d05
MEDIUM: sample: change the prototype of sample-fetches functions
by Thierry FOURNIER
· 10 years ago
0a9a2b8
MEDIUM: sample change the prototype of sample-fetches and converters functions
by Thierry FOURNIER
· 10 years ago
fc65af0
BUG/MINOR: ssl: Display correct filename in error message
by Alexander Rigbo
· 10 years ago
192252e
MAJOR: sample: pass a pointer to the session to each sample fetch function
by Willy Tarreau
· 10 years ago
15e91e1
MAJOR: sample: don't pass l7 anymore to sample fetch functions
by Willy Tarreau
· 10 years ago
53c9b4d
CLEANUP: sample: remove useless tests in fetch functions for l4 != NULL
by Willy Tarreau
· 10 years ago
9ad7bd4
MEDIUM: session: use the pointer to the origin instead of s->si[0].end
by Willy Tarreau
· 10 years ago
87b0966
REORG/MAJOR: session: rename the "session" entity to "stream"
by Willy Tarreau
· 10 years ago
d85c485
REORG: connection: move conn_drain() to connection.c and rename it
by Willy Tarreau
· 10 years ago
2c701b5
MEDIUM: ssl: Certificate Transparency support
by Janusz Dziemidowicz
· 10 years ago
f41a809
MINOR: sample: add private argument to the struct sample_fetch
by Thierry FOURNIER
· 10 years ago
622317d
BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration
by Willy Tarreau
· 10 years ago
05552d4
MEDIUM: Add support for configurable TLS ticket keys
by Nenad Merdanovic
· 10 years ago
2a3fb1c
MINOR: ssl/server: add the "no-ssl-reuse" server option
by Willy Tarreau
· 10 years ago
3180f7b
MINOR: ssl: load certificates in alphabetical order
by Cyril Bonté
· 10 years ago
d92aa5c
MINOR: global: report information about the cost of SSL connections
by Willy Tarreau
· 10 years ago
fce0311
MINOR: global: always export some SSL-specific metrics
by Willy Tarreau
· 10 years ago
e4e30f7
BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support
by Lukas Tribus
· 10 years ago
9ce1311
BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
by Cyril Bonté
· 10 years ago
396a186
MEDIUM: ssl: add support for smaller SSL records
by Willy Tarreau
· 10 years ago
fba03cd
BUG/MEDIUM: ssl: force a full GC in case of memory shortage
by Willy Tarreau
· 10 years ago
5547615
BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
by Emeric Brun
· 10 years ago
0bed994
BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
by Emeric Brun
· 10 years ago
2c86cbf
MINOR: ssl: add statement to force some ssl options in global.
by Emeric Brun
· 10 years ago
43e7958
MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs
by Emeric Brun
· 10 years ago
a616ba6
BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8
by Willy Tarreau
· 10 years ago
23d5d37
MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list.
by Remi Gacogne
· 10 years ago
328fb58
MEDIUM: connection: add new bit in Proxy Protocol V2
by Dave McCowan
· 10 years ago
9013272
MINOR: ssl: don't use boringssl's cipher_list
by Lukas Tribus
· 10 years ago
4c0d45a
BUILD: ssl: don't call get_rfc2409_prime when using boringssl
by Lukas Tribus
· 10 years ago
656c5fa
BUILD: ssl: disable OCSP when using boringssl
by Lukas Tribus
· 10 years ago
8de5415
BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
by Remi Gacogne
· 10 years ago
0abf836
BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer.
by Emeric Brun
· 10 years ago
1d3865b
BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice.
by Emeric Brun
· 10 years ago
4f3c87a
BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses.
by Emeric Brun
· 10 years ago
13a6b48
BUG/MINOR: ssl: rejects OCSP response without nextupdate.
by Emeric Brun
· 10 years ago
c8b27b6
MEDIUM: ssl: add 300s supported time skew on OCSP response update.
by Emeric Brun
· 10 years ago
4147b2e
MEDIUM: ssl: basic OCSP stapling support.
by Emeric Brun
· 10 years ago
2aab722
MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'.
by Emeric Brun
· 10 years ago
c1eab8c
MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description.
by Remi Gacogne
· 10 years ago
f46cd6e
MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits
by Remi Gacogne
· 10 years ago
0c9c272
MINOR: stats: report SSL key computations per second
by Willy Tarreau
· 10 years ago
af5c3da
MINOR: ssl: SSL_CTX_set_options() and SSL_CTX_set_mode() take a long, not an int
by Remi Gacogne
· 10 years ago
afb7683
MEDIUM: connection: Implement and extented PROXY Protocol V2
by David S
· 11 years ago
5cbe4ef
BUILD: ssl: SSL_CTX_set_msg_callback() needs openssl >= 0.9.7
by Willy Tarreau
· 11 years ago
b73a9b0
MINOR: ssl: convert to binary ssl_fc_unique_id and ssl_bc_unique_id.
by Emeric Brun
· 11 years ago
55f4fa8
MINOR: ssl: adds ssl_f_sha1 fetch to return frontend's certificate fingerprint
by Emeric Brun
· 11 years ago
ba841a1
MINOR: ssl: merge client's and frontend's certificate functions.
by Emeric Brun
· 11 years ago
645ae79
MINOR: ssl: adds fetchs and ACLs for ssl back connection.
by Emeric Brun
· 11 years ago
5bd99b4
MINOR: ssl: clean unused ACLs declarations
by Emeric Brun
· 11 years ago
aeed672
MINOR: ssl: finally catch the heartbeats missing the padding
by Willy Tarreau
· 11 years ago
3b2fdb6
BUG/MINOR: ssl: really block OpenSSL's response to heartbleed attack
by Willy Tarreau
· 11 years ago
8481500
BUILD: ssl: avoid a warning about conn not used with OpenSSL < 1.0.1
by Willy Tarreau
· 11 years ago
6e774b4
BUG/MEDIUM: Revert "MEDIUM: ssl: Add standardized DH parameters >= 1024 bits"
by Willy Tarreau
· 11 years ago
f51c698
MEDIUM: ssl: implement a workaround for the OpenSSL heartbleed attack
by Willy Tarreau
· 11 years ago
29f037d
MEDIUM: ssl: explicitly log failed handshakes after a heartbeat
by Emeric Brun
· 11 years ago
b75d692
BUILD/MINOR: ssl: remove one call to sprintf()
by Willy Tarreau
· 11 years ago
9ece05f
MEDIUM: ssl: Add standardized DH parameters >= 1024 bits
by Remi Gacogne
· 11 years ago
073edf3
BUILD: ssl: previous patch failed
by Willy Tarreau
· 11 years ago
c1ad52e
MINOR: ssl: add ssl_fc_unique_id to fetch TLS Unique ID
by David S
· 11 years ago
c5a4e98
MEDIUM: acl: Change the acl register struct
by Thierry FOURNIER
· 11 years ago
e369ca2
MEDIUM: pattern_find_smp: functions find_smp uses the pat_ref_elt to find the element to be removed
by Thierry FOURNIER
· 11 years ago
7acca4b
MEDIUM: pattern: delete() function uses the pat_ref_elt to find the element to be removed
by Thierry FOURNIER
· 11 years ago
55d0b10
MEDIUM: pattern: add sample lookup function.
by Thierry FOURNIER
· 11 years ago
6f7203d
MEDIUM: pattern: add prune function
by Thierry FOURNIER
· 11 years ago
b113650
MEDIUM: pattern: add delete functions
by Thierry FOURNIER
· 11 years ago
7654c9f
MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags
by Thierry FOURNIER
· 11 years ago
b9b0846
MEDIUM: pattern: add indexation function.
by Thierry FOURNIER
· 11 years ago
518cedd
BUG/MEDIUM: ssl: always send a full buffer after EAGAIN
by Willy Tarreau
· 11 years ago
48f1c4e
MEDIUM: ssl: Use ALPN support as it will be available in OpenSSL 1.0.2
by Dirkjan Bussink
· 11 years ago
Next »