Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 6d07fae3c0f8bca9bb91bec44471664b6934dc77 / src / ssl_sock.c
  1. 70bf06e BUILD: fix build with openssl < 1.0.2 since bundle removal by William Lallemand · Wed Sep 16 18:08:14 2020 +0200
  2. e7eb1fe CLEANUP: ssl: remove utility functions for bundle by William Lallemand · Wed Sep 16 16:17:51 2020 +0200
  3. bd8e6ed CLEANUP: ssl: remove test on "multi" variable in ckch functions by William Lallemand · Wed Sep 16 16:08:08 2020 +0200
  4. dfa93be MEDIUM: ssl: emulate multi-cert bundles loading in standard loading by William Lallemand · Wed Sep 16 14:48:52 2020 +0200
  5. a459826 BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly. by Olivier Houchard · Tue Sep 15 22:16:02 2020 +0200
  6. 2d6fd0a BUG/MINOR: ssl: verifyhost is case sensitive by William Lallemand · Mon Sep 14 15:20:10 2020 +0200
  7. e52b6e5 CLEANUP: Do not use a fixed type for 'sizeof' in 'calloc' by Tim Duesterhus · Sat Sep 12 20:26:43 2020 +0200
  8. 6767245 MEDIUM: fd: replace usages of fd_remove() with fd_stop_both() by Willy Tarreau · Wed Aug 26 11:44:17 2020 +0200
  9. a78f3f0 BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards by William Lallemand · Wed Aug 26 17:34:44 2020 +0200
  10. adabbfe MINOR: ssl: Support SAN extension for certificate generation by Shimi Gersner · Sun Aug 23 13:58:13 2020 +0300
  11. 5846c49 MEDIUM: ssl: Support certificate chaining for certificate generation by Shimi Gersner · Sun Aug 23 13:58:12 2020 +0300
  12. 30f9e09 BUG/MEDIUM: ssl: crt-list negative filters don't work by William Lallemand · Mon Aug 17 14:31:19 2020 +0200
  13. 5b1d1f6 CLEANUP: ssl: remove poorly readable nested ternary by William Lallemand · Fri Aug 14 15:30:13 2020 +0200
  14. 94bd319 BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate by William Lallemand · Fri Aug 14 14:43:35 2020 +0200
  15. 935d829 BUG/MEDIUM: ssl: never generates the chain from the verify store by William Lallemand · Wed Aug 12 20:02:10 2020 +0200
  16. 9a1d839 BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2 by William Lallemand · Mon Aug 10 17:28:23 2020 +0200
  17. bf298af BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option by William Lallemand · Mon Aug 10 16:18:45 2020 +0200
  18. 76b4a12 BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free() by William Lallemand · Tue Aug 04 17:41:39 2020 +0200
  19. 86e4d63 BUG/MINOR: ssl: fix memory leak at OCSP loading by William Lallemand · Fri Aug 07 00:44:32 2020 +0200
  20. a560c06 BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() by William Lallemand · Fri Jul 31 11:43:20 2020 +0200
  21. a9d7b76 MINOR: connection: use MT_LIST_ADDQ() to add connections to idle lists by Willy Tarreau · Fri Jul 10 08:28:20 2020 +0200
  22. de4db17 MINOR: lists: rename some MT_LIST operations to clarify them by Willy Tarreau · Fri Jul 10 08:10:29 2020 +0200
  23. 7d42ef5 WIP/MINOR: ssl: add sample fetches for keylog in frontend by William Lallemand · Mon Jul 06 11:41:30 2020 +0200
  24. f278eec BUILD: tree-wide: cast arguments to tolower/toupper to unsigned char by Willy Tarreau · Sun Jul 05 21:46:32 2020 +0200
  25. a74bb7e BUG/MEDIUM: connections: Let the xprt layer know a takeover happened. by Olivier Houchard · Fri Jul 03 14:01:21 2020 +0200
  26. b240869 MINOR: ssl: move the ckch/crtlist deinit to ssl_sock.c by William Lallemand · Wed Jun 24 09:54:29 2020 +0200
  27. 7df5c2d BUG/MEDIUM: ssl: fix ssl_bind_conf double free by William Lallemand · Tue Jun 23 11:02:17 2020 +0200
  28. d0712f3 BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0 by William Lallemand · Thu Jun 11 17:34:00 2020 +0200
  29. b255105 CLEANUP: include: tree-wide alphabetical sort of include files by Willy Tarreau · Tue Jun 09 09:07:15 2020 +0200
  30. dfd3de8 REORG: include: move stream.h to haproxy/stream{,-t}.h by Willy Tarreau · Thu Jun 04 23:46:14 2020 +0200
  31. 1e56f92 REORG: include: move server.h to haproxy/server{,-t}.h by Willy Tarreau · Thu Jun 04 23:20:13 2020 +0200
  32. a264d96 REORG: include: move proxy.h to haproxy/proxy{,-t}.h by Willy Tarreau · Thu Jun 04 22:29:18 2020 +0200
  33. aeed4a8 REORG: include: move log.h to haproxy/log{,-t}.h by Willy Tarreau · Thu Jun 04 22:01:04 2020 +0200
  34. c2b1ff0 REORG: include: move http_ana.h to haproxy/http_ana{,-t}.h by Willy Tarreau · Thu Jun 04 21:21:03 2020 +0200
  35. f1d32c4 REORG: include: move channel.h to haproxy/channel{,-t}.h by Willy Tarreau · Thu Jun 04 21:07:02 2020 +0200
  36. 5e539c9 REORG: include: move stream_interface.h to haproxy/stream_interface{,-t}.h by Willy Tarreau · Thu Jun 04 20:45:39 2020 +0200
  37. 209108d REORG: include: move ssl_sock.h to haproxy/ssl_sock{,-t}.h by Willy Tarreau · Thu Jun 04 20:30:20 2020 +0200
  38. 83487a8 REORG: include: move cli.h to haproxy/cli{,-t}.h by Willy Tarreau · Thu Jun 04 20:19:54 2020 +0200
  39. 2eec9b5 REORG: include: move stats.h to haproxy/stats{,-t}.h by Willy Tarreau · Thu Jun 04 19:58:55 2020 +0200
  40. 3f0f82e REORG: move applet.h to haproxy/applet{,-t}.h by Willy Tarreau · Thu Jun 04 19:42:41 2020 +0200
  41. dcc048a REORG: include: move acl.h to haproxy/acl.h{,-t}.h by Willy Tarreau · Thu Jun 04 19:11:43 2020 +0200
  42. 7ea393d REORG: include: move connection.h to haproxy/connection{,-t}.h by Willy Tarreau · Thu Jun 04 18:02:10 2020 +0200
  43. fc77454 REORG: include: move proto_tcp.h to haproxy/proto_tcp.h by Willy Tarreau · Thu Jun 04 17:31:04 2020 +0200
  44. cea0e1b REORG: include: move task.h to haproxy/task{,-t}.h by Willy Tarreau · Thu Jun 04 17:25:40 2020 +0200
  45. f268ee8 REORG: include: split global.h into haproxy/global{,-t}.h by Willy Tarreau · Thu Jun 04 17:05:57 2020 +0200
  46. a171892 REORG: include: move vars.h to haproxy/vars{,-t}.h by Willy Tarreau · Thu Jun 04 16:25:31 2020 +0200
  47. 225a90a REORG: include: move pattern.h to haproxy/pattern{,-t}.h by Willy Tarreau · Thu Jun 04 15:06:28 2020 +0200
  48. 213e990 REORG: include: move listener.h to haproxy/listener{,-t}.h by Willy Tarreau · Thu Jun 04 14:58:24 2020 +0200
  49. 52d8872 REORG: move ssl_crtlist.h to haproxy/ssl_crtlist{,-t}.h by Willy Tarreau · Thu Jun 04 14:29:23 2020 +0200
  50. 47d7f90 REORG: include: move ssl_ckch.h to haproxy/ssl_ckch{,-t}.h by Willy Tarreau · Thu Jun 04 14:25:47 2020 +0200
  51. b2bd865 REORG: include: move ssl_utils.h to haproxy/ssl_utils.h by Willy Tarreau · Thu Jun 04 14:21:22 2020 +0200
  52. c761f84 REORG: include: move http_rules.h to haproxy/http_rules.h by Willy Tarreau · Thu Jun 04 11:40:28 2020 +0200
  53. 762d7a5 REORG: include: move frontend.h to haproxy/frontend.h by Willy Tarreau · Thu Jun 04 11:23:07 2020 +0200
  54. aa74c4e REORG: include: move arg.h to haproxy/arg{,-t}.h by Willy Tarreau · Thu Jun 04 10:19:23 2020 +0200
  55. 0f6ffd6 REORG: include: move fd.h to haproxy/fd{,-t}.h by Willy Tarreau · Wed Jun 03 19:33:00 2020 +0200
  56. 334099c REORG: include: move shctx to haproxy/shctx{,-t}.h by Willy Tarreau · Wed Jun 03 18:38:48 2020 +0200
  57. 48fbcae REORG: tools: split common/standard.h into haproxy/tools{,-t}.h by Willy Tarreau · Wed Jun 03 18:09:46 2020 +0200
  58. c2f7c58 REORG: include: move common/ticks.h to haproxy/ticks.h by Willy Tarreau · Tue Jun 02 18:15:32 2020 +0200
  59. 2741c8c REORG: include: move common/buffer.h to haproxy/dynbuf{,-t}.h by Willy Tarreau · Tue Jun 02 11:28:02 2020 +0200
  60. c13ed53 REORG: include: move common/chunk.h to haproxy/chunk.h by Willy Tarreau · Tue Jun 02 10:22:45 2020 +0200
  61. 6634794 REORG: include: move freq_ctr to haproxy/ by Willy Tarreau · Mon Jun 01 12:18:08 2020 +0200
  62. 92b4f13 REORG: include: move time.h from common/ to haproxy/ by Willy Tarreau · Mon Jun 01 11:05:15 2020 +0200
  63. af613e8 CLEANUP: thread: rename __decl_hathreads() to __decl_thread() by Willy Tarreau · Fri Jun 05 08:40:51 2020 +0200
  64. 58017ee REORG: include: move the BUG_ON() code to haproxy/bug.h by Willy Tarreau · Wed May 27 16:51:33 2020 +0200
  65. 6019fab REORG: include: move openssl-compat.h from common/ to haproxy/ by Willy Tarreau · Wed May 27 16:26:00 2020 +0200
  66. 8d36697 REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ by Willy Tarreau · Wed May 27 16:10:29 2020 +0200
  67. 4c7e4b7 REORG: include: update all files to use haproxy/api.h or api-t.h if needed by Willy Tarreau · Wed May 27 12:58:42 2020 +0200
  68. 8d2b777 REORG: ebtree: move the include files from ebtree to include/import/ by Willy Tarreau · Wed May 27 10:58:19 2020 +0200
  69. f187ce6 Revert "MINOR: ssl: rework add cert chain to CTX to be libssl independent" by William Lallemand · Tue Jun 02 18:27:20 2020 +0200
  70. 50df1cb MINOR: ssl: set ssl-min-ver in ambiguous configurations by William Lallemand · Tue Jun 02 10:52:24 2020 +0200
  71. 2f44a59 MEDIUM: ssl: use TLSv1.2 as the minimum default on bind lines by William Lallemand · Fri May 29 08:54:33 2020 +0200
  72. 6a66a5e REORG: ssl: move utility functions to src/ssl_utils.c by William Lallemand · Fri May 15 12:01:17 2020 +0200
  73. 15e1694 REORG: ssl: move sample fetches to src/ssl_sample.c by William Lallemand · Fri May 15 00:25:08 2020 +0200
  74. c0cdaff REORG: ssl: move ssl_sock_ctx and fix cross-dependencies issues by William Lallemand · Fri May 15 00:20:53 2020 +0200
  75. ef76107 MINOR: ssl: remove static keyword in some SSL utility functions by William Lallemand · Fri May 15 09:52:16 2020 +0200
  76. dad3105 REORG: ssl: move ssl configuration to cfgparse-ssl.c by William Lallemand · Thu May 14 17:47:32 2020 +0200
  77. da8584c REORG: ssl: move the CLI 'cert' functions to src/ssl_ckch.c by William Lallemand · Thu May 14 10:14:37 2020 +0200
  78. c756bbd REORG: ssl: move the crt-list CLI functions in src/ssl_crtlist.c by William Lallemand · Wed May 13 17:23:59 2020 +0200
  79. fa1d8b4 REORG: ssl: move ckch_inst functions to src/ssl_ckch.c by William Lallemand · Wed May 13 15:46:10 2020 +0200
  80. 03c331c REORG: ssl: move the ckch_store related functions to src/ssl_ckch.c by William Lallemand · Wed May 13 10:10:01 2020 +0200
  81. 6e9556b REORG: ssl: move crtlist functions to src/ssl_crtlist.c by William Lallemand · Tue May 12 17:52:44 2020 +0200
  82. c69973f CLEANUP: ssl: add ckch prototypes in proto/ssl_ckch.h by William Lallemand · Tue May 12 17:42:42 2020 +0200
  83. d4632b2 REORG: ssl: move the ckch structures to types/ssl_ckch.h by William Lallemand · Tue May 12 14:46:24 2020 +0200
  84. 336c4bb CLEANUP: ssl: remove the shsess_* macros by William Lallemand · Thu May 07 15:28:02 2020 +0200
  85. 7fd8b45 REORG: ssl: move macros and structure definitions to ssl_sock.h by William Lallemand · Thu May 07 15:20:43 2020 +0200
  86. 2dec6a3 MEDIUM: ssl: use ssl_sock_get_ssl_object() in fetchers where appropriate by Dragan Dosen · Mon May 11 17:25:19 2020 +0200
  87. eb607fe MINOR: ssl: add a new function ssl_sock_get_ssl_object() by Dragan Dosen · Mon May 11 17:17:06 2020 +0200
  88. 9ac9809 MEDIUM: ssl: split ssl_sock_msgcbk() and use a new callback mechanism by Dragan Dosen · Mon May 11 15:51:45 2020 +0200
  89. 1e7ed04 MEDIUM: ssl: allow to register callbacks for SSL/TLS protocol messages by Dragan Dosen · Fri May 08 18:30:00 2020 +0200
  90. b399bfb MINOR: sample: Move aes_gcm_dec implementation into sample.c by Patrick Gansterer · Sun Jun 17 11:21:11 2018 +0200
  91. 3ba77d2 MEDIUM: ssl: increase default-dh-param to 2048 by Willy Tarreau · Fri May 08 09:31:18 2020 +0200
  92. f98e626 MINOR: checks/sample: Remove unnecessary tests on the sample session by Christopher Faulet · Wed May 06 09:42:04 2020 +0200
  93. d92ea7f MINOR: checks: Add support of server side ssl sample fetches by Christopher Faulet · Thu Apr 30 10:03:55 2020 +0200
  94. f35d69e BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id() by Dragan Dosen · Mon May 04 09:07:28 2020 +0200
  95. a6cd078 CLEANUP: ssl: silence a build warning when threads are disabled by Willy Tarreau · Fri May 01 11:38:39 2020 +0200
  96. d75f57e MINOR: ssl: Export a generic function to parse an alpn string by Christopher Faulet · Mon Apr 20 18:32:29 2020 +0200
  97. 8892e5d BUG/MEDIUM: server/checks: Init server check during config validity check by Christopher Faulet · Thu Mar 26 19:48:20 2020 +0100
  98. f61f33a BUG/MINOR: checks: Respect the no-check-ssl option by Christopher Faulet · Fri Mar 27 18:55:49 2020 +0100
  99. b203ff6 MINOR: config: add a global directive to set default SSL curves by Jerome Magnin · Fri Apr 03 15:28:22 2020 +0200
  100. 2e8d52f BUG/MINOR: ssl: default settings for ssl server options are not used by Jerome Magnin · Wed Apr 22 11:40:18 2020 +0200