Gitiles
Code Review
Sign In
git01.mediatek.com
/
haproxy
/
97c2ae13bc0d7961a348102d6719fbcaf34d46d5
/
src
/
ssl_sock.c
32af203
REORG: cli: move ssl CLI functions to ssl_sock.c
by William Lallemand
· 8 years ago
8e0bb0a
MINOR: connection: add names for transport and data layers
by Willy Tarreau
· 8 years ago
ff13c06
CLEANUP: ssl: Fix bind keywords name in comments
by Bertrand Jacquin
· 8 years ago
5424ee0
BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP
by Bertrand Jacquin
· 8 years ago
3342309
BUG/MEDIUM: ssl: Store certificate filename in a variable
by Bertrand Jacquin
· 8 years ago
1866d6d
MEDIUM: ssl: Add support for OpenSSL 1.1.0
by Dirkjan Bussink
· 8 years ago
07c3d78
BUG/MINOR: ssl: prevent multiple entries for the same certificate
by Thierry FOURNIER / OZON.IO
· 8 years ago
7a3bd3b
BUG/MINOR: ssl: Check malloc return code
by Thierry FOURNIER / OZON.IO
· 8 years ago
d44ea3f
BUILD/CLEANUP: ssl: Check BIO_reset() return code
by Thierry FOURNIER / OZON.IO
· 8 years ago
8b068c2
MINOR: ssl: add debug traces
by Thierry FOURNIER / OZON.IO
· 8 years ago
c7e1263
BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
by Remi Gacogne
· 8 years ago
90fd35c
Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
by Willy Tarreau
· 8 years ago
16aa015
BUG/MINOR: ssl: close ssl key file on error
by mildis
· 8 years ago
24b892f
BUILD: ssl: fix typo causing a build failure in the multicert patch
by Willy Tarreau
· 8 years ago
5e0e6e4
MINOR: ssl: crt-list parsing factor
by Emmanuel Hocdet
· 9 years ago
d294aea
MEDIUM: ssl: support SNI filters with multicerts
by Emmanuel Hocdet
· 9 years ago
0ea4c23
BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
by Roberto Guimaraes
· 8 years ago
bb137a8
BUG/MEDIUM: ssl: rewind the BIO when reading certificates
by Willy Tarreau
· 9 years ago
02779b6
CLEANUP: uniformize last argument of malloc/calloc
by Vincent Bernat
· 9 years ago
3c2f2f2
CLEANUP: remove unneeded casts
by Vincent Bernat
· 9 years ago
1789115
BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
by Nenad Merdanovic
· 9 years ago
e237fe1
BUG/MINOR: ssl: fix usage of the various sample fetch functions
by Willy Tarreau
· 9 years ago
be508f1
BUG/MAJOR: samples: check smp->strm before using it
by Willy Tarreau
· 9 years ago
23d19d6
BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword
by Cyril Bonté
· 9 years ago
3724da1
BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
by Willy Tarreau
· 9 years ago
bef6091
BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
by Marcoen Hirschberg
· 9 years ago
635c0ad
BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates
by Christopher Faulet
· 9 years ago
30da7ad
BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2
by Willy Tarreau
· 9 years ago
be2774d
MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling
by yanbzhu
· 9 years ago
63ea846
MEDIUM: ssl: Added multi cert support for loading crt directories
by yanbzhu
· 9 years ago
1b04e5b
MINOR: ssl: Added multi cert support for crt-list config keyword
by yanbzhu
· 9 years ago
08ce6ab
MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs
by yanbzhu
· 9 years ago
488a4d2
MINOR: ssl: Added cert_key_and_chain struct
by yanbzhu
· 9 years ago
54ffb91
BUILD: check for libressl to be able to build against it
by Daniel Jakots
· 9 years ago
e7db216
BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0
by Christopher Faulet
· 9 years ago
2f63ef4
BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled
by Willy Tarreau
· 9 years ago
85b5a1a
MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates
by Christopher Faulet
· 9 years ago
7969a33
MINOR: ssl: Add support for EC for the CA used to sign generated certificates
by Christopher Faulet
· 9 years ago
c6f02fb
MINOR: ssl: Read the file used to generate certificates in any order
by Christopher Faulet
· 9 years ago
a84c267
BUILD: ssl: fix build error introduced by recent commit
by Willy Tarreau
· 9 years ago
77fe80c
MINOR: ssl: Release Servers SSL context when HAProxy is shut down
by Christopher Faulet
· 9 years ago
d2cab92
BUG/MINOR: ssl: fix management of the cache where forged certificates are stored
by Christopher Faulet
· 9 years ago
bc96534
DOC: ssl: missing LF
by Thierry FOURNIER
· 9 years ago
136f9d3
MINOR: samples: rename union from "data" to "u"
by Thierry FOURNIER
· 9 years ago
8c542ca
MEDIUM: samples: Use the "struct sample_data" in the "struct sample"
by Thierry FOURNIER
· 9 years ago
cc79b00
BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command
by Pradeep Jindal
· 9 years ago
17c3f62
BUILD: ssl: Allow building against libssl without SSLv3.
by Jérémie Courrèges-Anglas
· 9 years ago
bf65cd4
MAJOR: arg: converts uint and sint in sint
by Thierry FOURNIER
· 9 years ago
07ee64e
MAJOR: sample: converts uint and sint in 64 bits signed integer
by Thierry FOURNIER
· 9 years ago
732eac4
MEDIUM: ssl: add sni support on the server lines
by Willy Tarreau
· 9 years ago
6307641
MINOR: ssl: provide ia function to set the SNI extension on a connection
by Willy Tarreau
· 9 years ago
fc017fe
CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial()
by Willy Tarreau
· 9 years ago
646b864
CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const
by Willy Tarreau
· 9 years ago
f672145
MINOR: ssl: make self-generated certs also work with raw IPv6 addresses
by Willy Tarreau
· 9 years ago
745d412
BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
by Willy Tarreau
· 9 years ago
c8ad3be
BUILD: ssl: fix recent build breakage on older SSL libs
by Willy Tarreau
· 9 years ago
3054880
MINOR: ssl: Export functions to manipulate generated certificates
by Christopher Faulet
· 9 years ago
31af49d
MEDIUM: ssl: Add options to forge SSL certificates
by Christopher Faulet
· 9 years ago
d3a341a
MEDIUM: ssl: replace standards DH groups with custom ones
by Remi Gacogne
· 9 years ago
47783ef
MEDIUM: ssl: add the possibility to use a global DH parameters file
by Remi Gacogne
· 9 years ago
d3a23c3
MINOR: ssl: add a destructor to free allocated SSL ressources
by Remi Gacogne
· 9 years ago
4f902b8
BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
by Remi Gacogne
· 9 years ago
26ea822
MINOR: Add sample fetch which identifies if the SSL session has been resumed
by Nenad Merdanovic
· 10 years ago
200b0fa
MEDIUM: Add support for updating TLS ticket keys via socket
by Nenad Merdanovic
· 10 years ago
146defa
MINOR: Add TLS ticket keys reference and use it in the listener struct
by Nenad Merdanovic
· 10 years ago
e26bf05
BUILD/MINOR: ssl: fix build failure introduced by recent patch
by Willy Tarreau
· 10 years ago
0786d05
MEDIUM: sample: change the prototype of sample-fetches functions
by Thierry FOURNIER
· 10 years ago
0a9a2b8
MEDIUM: sample change the prototype of sample-fetches and converters functions
by Thierry FOURNIER
· 10 years ago
fc65af0
BUG/MINOR: ssl: Display correct filename in error message
by Alexander Rigbo
· 10 years ago
192252e
MAJOR: sample: pass a pointer to the session to each sample fetch function
by Willy Tarreau
· 10 years ago
15e91e1
MAJOR: sample: don't pass l7 anymore to sample fetch functions
by Willy Tarreau
· 10 years ago
53c9b4d
CLEANUP: sample: remove useless tests in fetch functions for l4 != NULL
by Willy Tarreau
· 10 years ago
9ad7bd4
MEDIUM: session: use the pointer to the origin instead of s->si[0].end
by Willy Tarreau
· 10 years ago
87b0966
REORG/MAJOR: session: rename the "session" entity to "stream"
by Willy Tarreau
· 10 years ago
d85c485
REORG: connection: move conn_drain() to connection.c and rename it
by Willy Tarreau
· 10 years ago
2c701b5
MEDIUM: ssl: Certificate Transparency support
by Janusz Dziemidowicz
· 10 years ago
f41a809
MINOR: sample: add private argument to the struct sample_fetch
by Thierry FOURNIER
· 10 years ago
622317d
BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration
by Willy Tarreau
· 10 years ago
05552d4
MEDIUM: Add support for configurable TLS ticket keys
by Nenad Merdanovic
· 10 years ago
2a3fb1c
MINOR: ssl/server: add the "no-ssl-reuse" server option
by Willy Tarreau
· 10 years ago
3180f7b
MINOR: ssl: load certificates in alphabetical order
by Cyril Bonté
· 10 years ago
d92aa5c
MINOR: global: report information about the cost of SSL connections
by Willy Tarreau
· 10 years ago
fce0311
MINOR: global: always export some SSL-specific metrics
by Willy Tarreau
· 10 years ago
e4e30f7
BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support
by Lukas Tribus
· 10 years ago
9ce1311
BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
by Cyril Bonté
· 10 years ago
396a186
MEDIUM: ssl: add support for smaller SSL records
by Willy Tarreau
· 10 years ago
fba03cd
BUG/MEDIUM: ssl: force a full GC in case of memory shortage
by Willy Tarreau
· 10 years ago
5547615
BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
by Emeric Brun
· 10 years ago
0bed994
BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
by Emeric Brun
· 10 years ago
2c86cbf
MINOR: ssl: add statement to force some ssl options in global.
by Emeric Brun
· 10 years ago
43e7958
MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs
by Emeric Brun
· 10 years ago
a616ba6
BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8
by Willy Tarreau
· 10 years ago
23d5d37
MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list.
by Remi Gacogne
· 10 years ago
328fb58
MEDIUM: connection: add new bit in Proxy Protocol V2
by Dave McCowan
· 10 years ago
9013272
MINOR: ssl: don't use boringssl's cipher_list
by Lukas Tribus
· 10 years ago
4c0d45a
BUILD: ssl: don't call get_rfc2409_prime when using boringssl
by Lukas Tribus
· 10 years ago
656c5fa
BUILD: ssl: disable OCSP when using boringssl
by Lukas Tribus
· 10 years ago
8de5415
BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
by Remi Gacogne
· 10 years ago
0abf836
BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer.
by Emeric Brun
· 10 years ago
1d3865b
BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice.
by Emeric Brun
· 10 years ago
Next »