Gitiles
Code Review
Sign In
git01.mediatek.com
/
haproxy
/
8b85246b9547486102e0dd3c68d7ba610c6ca396
/
src
/
ssl_sock.c
d13e925
BUG/MINOR: ssl: fix curve setup with LibreSSL
by Lukas Tribus
· 5 years ago
27c21cd
BUILD/MINOR: ssl: fix compiler warning about useless statement
by Eric Salama
· 5 years ago
26b7b80
BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
by Emmanuel Hocdet
· 5 years ago
7b34de3
BUG/MINOR: ssl: fix memcpy overlap without consequences.
by Emeric Brun
· 5 years ago
2bbc80d
BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed
by Christopher Faulet
· 5 years ago
d6de151
BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1
by Emeric Brun
· 5 years ago
cfc1afe
CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn
by Emeric Brun
· 5 years ago
394701d
CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn
by Emeric Brun
· 5 years ago
b131c87
CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes
by Willy Tarreau
· 5 years ago
c33d83d
BUILD: ssl: wrong #ifdef for SSL engines code
by William Lallemand
· 5 years ago
4801c70
BUG/MINOR: ssl: abort on sni_keytypes allocation failure
by William Lallemand
· 5 years ago
e92c030
BUG/MINOR: ssl: free the sni_keytype nodes
by William Lallemand
· 5 years ago
24e292c
BUG/MINOR: ssl: abort on sni allocation failure
by William Lallemand
· 5 years ago
4517b0c
BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
by Christopher Faulet
· 5 years ago
87cfd66
BUG/MAJOR: ssl: ssl_sock was not fully initialized.
by Emeric Brun
· 5 years ago
bb8643c
MINOR: ssl: ssl_fc_has_early should work for BoringSSL
by Emmanuel Hocdet
· 5 years ago
510fce5
BUG/MINOR: ssl: fix 0-RTT for BoringSSL
by Emmanuel Hocdet
· 5 years ago
5db881f
BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
by Lukas Tribus
· 5 years ago
aa2ecea
BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
by Olivier Houchard
· 5 years ago
a37eb6a
BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx.
by Olivier Houchard
· 5 years ago
965e84e
BUG/MEDIUM: ssl: Make sure we initiate the handshake after using early data.
by Olivier Houchard
· 5 years ago
3c39a7d
CLEANUP: connection: rename the wait_event.task field to .tasklet
by Willy Tarreau
· 5 years ago
9faebe3
MEDIUM: tools: improve time format error detection
by Willy Tarreau
· 5 years ago
81284e6
BUG/MEDIUM: ssl: Don't forget to initialize ctx->send_recv and ctx->recv_wait.
by Olivier Houchard
· 5 years ago
03abf2d
MEDIUM: connections: Remove CONN_FL_SOCK*
by Olivier Houchard
· 5 years ago
2e05548
MINOR: connections: Add a new xprt method, add_xprt().
by Olivier Houchard
· 5 years ago
5149b59
MINOR: connections: Add a new xprt method, remove_xprt.
by Olivier Houchard
· 5 years ago
000694c
MINOR: ssl: Make ssl_sock_handshake() static.
by Olivier Houchard
· 5 years ago
ea8dd94
MEDIUM: ssl: Handle subscribe by itself.
by Olivier Houchard
· 5 years ago
6567466
MINOR: SSL: add client/server random sample fetches
by Patrick Hemmer
· 5 years ago
839af57
CLEANUP: ssl: remove unneeded defined(OPENSSL_IS_BORINGSSL)
by Emmanuel Hocdet
· 6 years ago
692c1d0
MINOR: ssl: Don't forget to call the close method of the underlying xprt.
by Olivier Houchard
· 5 years ago
19afb27
MINOR: ssl: Make sure the underlying xprt's init method doesn't fail.
by Olivier Houchard
· 5 years ago
0590f44
BUILD: ssl: fix latest LibreSSL reg-test error
by Ilya Shipitsin
· 5 years ago
e242f3d
BUG/MINOR: ssl_sock: Fix memory leak when disabling compression
by Ilya Shipitsin
· 5 years ago
7e1770b
BUG/MAJOR: ssl: segfault upon an heartbeat request
by William Lallemand
· 6 years ago
295d614
CLEANUP: ssl: move all BIO_* definitions to openssl-compat
by Willy Tarreau
· 6 years ago
11b1671
CLEANUP: ssl: remove ifdef around SSL_CTX_get_extra_chain_certs()
by Willy Tarreau
· 6 years ago
366a698
CLEANUP: ssl: move the SSL_OP_* and SSL_MODE_* definitions to openssl-compat
by Willy Tarreau
· 6 years ago
8d164dc
CLEANUP: ssl: never include openssl/*.h outside of openssl-compat.h anymore
by Willy Tarreau
· 6 years ago
9356dac
REORG: ssl: move some OpenSSL defines from ssl_sock to openssl-compat
by Willy Tarreau
· 6 years ago
5599456
REORG: ssl: move openssl-compat from proto to common
by Willy Tarreau
· 6 years ago
df17e0e
BUILD: ssl: fix libressl build again after aes-gcm-enc
by Willy Tarreau
· 6 years ago
86a394e
MINOR: ssl: enable aes_gcm_dec on LibreSSL
by Willy Tarreau
· 6 years ago
5db847a
CLEANUP: ssl: remove 57 occurrences of useless tests on LIBRESSL_VERSION_NUMBER
by Willy Tarreau
· 6 years ago
1d158ab
BUILD: ssl: make libressl use its own version numbers
by Willy Tarreau
· 6 years ago
9a1ab08
CLEANUP: ssl-sock: use HA_OPENSSL_VERSION_NUMBER instead of OPENSSL_VERSION_NUMBER
by Willy Tarreau
· 6 years ago
4cd2af4
BUG/MEDIUM: ssl: Don't attempt to use early data with libressl.
by Olivier Houchard
· 6 years ago
54832b9
BUILD: enable several LibreSSL hacks, including
by Ilya Shipitsin
· 6 years ago
010941f
BUG/MEDIUM: ssl: Use the early_data API the right way.
by Olivier Houchard
· 6 years ago
b51937e
BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w.
by Olivier Houchard
· 6 years ago
a28454e
BUG/MEDIUM: ssl: Return -1 on recv/send if we got EAGAIN.
by Olivier Houchard
· 6 years ago
d0e095c
MINOR: ssl/cli: async fd io-handlers printable on show fd
by Emeric Brun
· 6 years ago
66a7b33
BUILD/medium: ssl: Fix build with OpenSSL < 1.1.0
by Olivier Houchard
· 6 years ago
a8955d5
MEDIUM: ssl: provide our own BIO.
by Olivier Houchard
· 6 years ago
e179d0e
MEDIUM: connections: Provide a xprt_ctx for each xprt method.
by Olivier Houchard
· 6 years ago
df35784
MEDIUM: ssl: provide its own subscribe/unsubscribe function.
by Olivier Houchard
· 6 years ago
7b5fd1e
MEDIUM: connections: Move some fields from struct connection to ssl_sock_ctx.
by Olivier Houchard
· 6 years ago
66ab498
MEDIUM: ssl: Give ssl_sock its own context.
by Olivier Houchard
· 6 years ago
0e492e2
BUILD: address a few cases of "static <type> inline foo()"
by Willy Tarreau
· 6 years ago
2b4edfb
MINOR: ssl: Activate aes_gcm_dec converter for BoringSSL
by Emmanuel Hocdet
· 6 years ago
c31499d
MINOR: ssl: Add aes_gcm_dec converter
by Nenad Merdanovic
· 6 years ago
bc34cd1
BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites
by Pierre Cheynier
· 6 years ago
2be5a4c
MEDIUM: ssl: Use the new _HA_ATOMIC_* macros.
by Olivier Houchard
· 6 years ago
1aabc93
BUG/MINOR: ssl: fix warning about ssl-min/max-ver support
by Lukas Tribus
· 6 years ago
526894f
BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
by Dirkjan Bussink
· 6 years ago
f24502b
BUG/MEDIUM: connections: Add the CO_FL_CONNECTED flag if a send succeeded.
by Olivier Houchard
· 6 years ago
9e75477
MINOR: ssl: add support of aes256 bits ticket keys on file and cli.
by Emeric Brun
· 6 years ago
09852f7
BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
by Emeric Brun
· 6 years ago
51088ce
BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
by Olivier Houchard
· 6 years ago
9215014
MEDIUM: checks: Add check-alpn.
by Olivier Houchard
· 6 years ago
ab28a32
MINOR: ssl: Add ssl_sock_set_alpn().
by Olivier Houchard
· 6 years ago
6818595
BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs
by Rosen Penev
· 6 years ago
e0f24ee
MINOR: connection: realign empty buffers in muxes, not transport layers
by Willy Tarreau
· 6 years ago
e064a80
BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn
by Jérôme Magnin
· 6 years ago
6be139f
BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
by Baptiste Assmann
· 6 years ago
7706b85
MINOR: ssl: free ctx when libssl doesn't support NPN
by Lukas Tribus
· 6 years ago
8071338
MINOR: initcall: apply initcall to all register_build_opts() calls
by Willy Tarreau
· 6 years ago
86abe44
MEDIUM: init: use self-initializing spinlocks and rwlocks
by Willy Tarreau
· 6 years ago
0108d90
MEDIUM: init: convert all trivial registration calls to initcalls
by Willy Tarreau
· 6 years ago
da95fd9
BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl
by Lukas Tribus
· 6 years ago
6b77f49
MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches.
by Olivier Houchard
· 6 years ago
c756600
MINOR: server: Add "alpn" and "npn" keywords.
by Olivier Houchard
· 6 years ago
017b3da
CLEANUP: fix typos in the ssl_sock subsystem
by Joseph Herlant
· 6 years ago
db39843
MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}()
by Willy Tarreau
· 6 years ago
0cd3bd6
MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put}
by Willy Tarreau
· 6 years ago
4c8aa11
BUG/MINOR: ssl: Wrong usage of shctx_init().
by Frédéric Lécaille
· 6 years ago
b7838af
MINOR: shctx: Add a maximum object size parameter.
by Frédéric Lécaille
· 6 years ago
0bec807
MINOR: shctx: Shared objects block by block allocation.
by Frédéric Lécaille
· 6 years ago
a882552
BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk()
by Willy Tarreau
· 6 years ago
b729077
BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch
by Willy Tarreau
· 6 years ago
83a0cd8
MINOR: connections: Introduce an unsubscribe method.
by Olivier Houchard
· 6 years ago
7ad43e7
BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
by Emeric Brun
· 6 years ago
415150f
MEDIUM: ssl: add support for ciphersuites option for TLSv1.3
by Dirkjan Bussink
· 6 years ago
747ca61
MINOR: ssl: generate-certificates for BoringSSL
by Emmanuel Hocdet
· 6 years ago
a9b8402
MINOR: ssl: cleanup old openssl API call
by Emmanuel Hocdet
· 6 years ago
61c112a
REORG: http: move HTTP rules parsing to http_rules.c
by Willy Tarreau
· 6 years ago
07d94e4
BUILD: ssl_sock: remove build warnings on potential null-derefs
by Willy Tarreau
· 6 years ago
9f9b0c6
BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
by Emmanuel Hocdet
· 6 years ago
1c913e4
BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length
by Willy Tarreau
· 6 years ago
Next »