Gitiles
Code Review
Sign In
git01.mediatek.com
/
haproxy
/
a202d1d4c1d73032f01bd7ccf438c5468347cffd
/
src
/
ssl_sock.c
« Previous
83a0cd8
MINOR: connections: Introduce an unsubscribe method.
by Olivier Houchard
· 6 years ago
7ad43e7
BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
by Emeric Brun
· 6 years ago
415150f
MEDIUM: ssl: add support for ciphersuites option for TLSv1.3
by Dirkjan Bussink
· 6 years ago
747ca61
MINOR: ssl: generate-certificates for BoringSSL
by Emmanuel Hocdet
· 6 years ago
a9b8402
MINOR: ssl: cleanup old openssl API call
by Emmanuel Hocdet
· 6 years ago
61c112a
REORG: http: move HTTP rules parsing to http_rules.c
by Willy Tarreau
· 6 years ago
07d94e4
BUILD: ssl_sock: remove build warnings on potential null-derefs
by Willy Tarreau
· 6 years ago
9f9b0c6
BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
by Emmanuel Hocdet
· 6 years ago
1c913e4
BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length
by Willy Tarreau
· 6 years ago
a25282b
DOC: ssl: Use consistent naming for TLS protocols
by Bertrand Jacquin
· 6 years ago
e1b4ed4
BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
by Emeric Brun
· 6 years ago
eb155b6
BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
by Emeric Brun
· 6 years ago
77e8919
BUG/MINOR: ssl: empty connections reported as errors.
by Emeric Brun
· 6 years ago
6ff2039
MINOR: connections/mux: Add a new "subscribe" method.
by Olivier Houchard
· 6 years ago
83061a8
MAJOR: chunks: replace struct chunk with struct buffer
by Willy Tarreau
· 6 years ago
843b7cb
MEDIUM: chunks: make the chunk struct's fields match the buffer struct
by Willy Tarreau
· 6 years ago
acd1403
MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o.
by Olivier Houchard
· 6 years ago
591d445
MINOR: buffer: use b_orig() to replace most references to b->data
by Willy Tarreau
· 6 years ago
0c7ed5d
MINOR: buffer: replace buffer_empty() with b_empty() or c_empty()
by Willy Tarreau
· 6 years ago
7f3225f
MINOR: connection: add a flags argument to rcv_buf()
by Willy Tarreau
· 6 years ago
bfc4d77
MEDIUM: connection: make xprt->rcv_buf() use size_t for the count
by Willy Tarreau
· 6 years ago
787db9a
MEDIUM: connection: make xprt->snd_buf() take the byte count in argument
by Willy Tarreau
· 6 years ago
0e11d59
MINOR: buffer: remove bo_contig_data()
by Willy Tarreau
· 6 years ago
8f9c72d
MINOR: buffer: remove bi_end()
by Willy Tarreau
· 6 years ago
89faf5d
MINOR: buffer: remove bo_ptr()
by Willy Tarreau
· 6 years ago
17b4aa1
BUG/MINOR: ssl: properly ref-count the tls_keys entries
by Willy Tarreau
· 6 years ago
3448c49
BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data
by Emmanuel Hocdet
· 6 years ago
28962c9
BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
by Thierry FOURNIER
· 6 years ago
16ff050
BUG/MAJOR: ssl: Random crash with cipherlist capture
by Thierry FOURNIER
· 6 years ago
926594f
MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA
by Lukas Tribus
· 6 years ago
03f4ec4
BUG/MEDIUM: ssl: properly protect SSL cert generation
by Willy Tarreau
· 6 years ago
e027547
MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key'
by Patrick Hemmer
· 7 years ago
4196677
MINOR: ssl: disable SSL sample fetches when unsupported
by Patrick Hemmer
· 7 years ago
1e0867c
MINOR: ssl: Add payload support to "set ssl ocsp-response"
by Aurélien Nephtali
· 7 years ago
abbf607
MEDIUM: cli: Add payload support
by Aurélien Nephtali
· 7 years ago
9a4da68
MINOR: cli: Ensure the CLI always outputs an error when it should
by Aurélien Nephtali
· 7 years ago
13c53f8
BUILD: ssl: Fix build with OpenSSL without NPN capability
by Bernard Spil
· 7 years ago
6e8a41d
BUG/MINOR: cli: Ensure all command outputs end with a LF
by Aurélien Nephtali
· 7 years ago
76de95a
CLEANUP: ssl: Remove a duplicated #include
by Aurélien Nephtali
· 7 years ago
253c3b7
MINOR: connection: add proxy-v2-options authority
by Emmanuel Hocdet
· 7 years ago
283e004
MINOR: ssl: add ssl_sock_get_cert_sig function
by Emmanuel Hocdet
· 7 years ago
96b7834
MINOR: ssl: add ssl_sock_get_pkey_algo function
by Emmanuel Hocdet
· 7 years ago
ddc090b
MINOR: ssl: extract full pkey info in load_certificate
by Emmanuel Hocdet
· 7 years ago
74f7ffa
MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword.
by Emeric Brun
· 7 years ago
eb8def9
BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
by Emeric Brun
· 7 years ago
4ac77a9
BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
by Christopher Faulet
· 7 years ago
16f45c8
BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
by Christopher Faulet
· 7 years ago
7e2e505
BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
by Olivier Houchard
· 7 years ago
25ae45a
MINOR: early data: Never remove the CO_FL_EARLY_DATA flag.
by Olivier Houchard
· 7 years ago
6fa63d9
MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams.
by Olivier Houchard
· 7 years ago
a9786b6
MINOR: fd: pass the iocb and owner to fd_insert()
by Willy Tarreau
· 7 years ago
99b90af
BUG/MEDIUM: ssl: cache doesn't release shctx blocks
by William Lallemand
· 7 years ago
5d4cafb
BUILD: ssl: silence a warning when building without NPN nor ALPN support
by Willy Tarreau
· 7 years ago
ece0c33
BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
by Emeric Brun
· 7 years ago
c61c0b3
BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
by William Lallemand
· 7 years ago
cebd796
BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
by Emmanuel Hocdet
· 7 years ago
c3cd35f
BUG/MEDIUM: ssl: don't allocate shctx several time
by William Lallemand
· 7 years ago
bafbe01
CLEANUP: pools: rename all pool functions and pointers to remove this "2"
by Willy Tarreau
· 7 years ago
767a84b
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
by Christopher Faulet
· 7 years ago
ca6a957
MINOR: ssl: Handle early data with BoringSSL
by Emmanuel Hocdet
· 7 years ago
90084a1
MINOR: ssl: Handle reading early data after writing better.
by Olivier Houchard
· 7 years ago
ff3a41e
BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
by Christopher Faulet
· 7 years ago
424ecfb
MINOR: ssl: Don't disable early data handling if we could not write.
by Olivier Houchard
· 7 years ago
777e4b9
BUG/MINOR: ssl: Always start the handshake if we can't send early data.
by Olivier Houchard
· 7 years ago
e9bed53
MINOR: ssl: Make sure we don't shutw the connection before the handshake.
by Olivier Houchard
· 7 years ago
e6060c5
MINOR: SSL: Store the ASN1 representation of client sessions.
by Olivier Houchard
· 7 years ago
9dcf9b6
MINOR: threads: Use __decl_hathreads to declare locks
by Christopher Faulet
· 7 years ago
522eea7
MINOR: ssl: Handle sending early data to server.
by Olivier Houchard
· 7 years ago
cfdef2e
MINOR: ssl: Spell 0x10101000L correctly.
by Olivier Houchard
· 7 years ago
bd84ac8
MINOR: ssl: Handle session resumption with TLS 1.3
by Olivier Houchard
· 7 years ago
35a63cc
BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
by Olivier Houchard
· 7 years ago
2a944ee
BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix
by Christopher Faulet
· 7 years ago
79a481d
MINOR: ssl: Remove the global allow-0rtt option.
by Olivier Houchard
· 7 years ago
821bb9b
MAJOR: threads/ssl: Make SSL part thread-safe
by Emeric Brun
· 7 years ago
8d8aa0d
MEDIUM: threads/listeners: Make listeners thread-safe
by Christopher Faulet
· 7 years ago
36716a7
MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert
by Christopher Faulet
· 7 years ago
b349e48
MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool
by Christopher Faulet
· 7 years ago
a3c77cf
MINOR: shctx: rename lock functions
by William Lallemand
· 7 years ago
4f45bb9
MEDIUM: shctx: separate ssl and shctx
by William Lallemand
· 7 years ago
ed0b5ad
REORG: shctx: move ssl functions to ssl_sock.c
by William Lallemand
· 7 years ago
3f85c9a
MEDIUM: shctx: allow the use of multiple shctx
by William Lallemand
· 7 years ago
01da571
MINOR: merge ssl_sock_get calls for log and ppv2
by Emmanuel Hocdet
· 7 years ago
9679ac9
MINOR: ssl: Don't abuse ssl_options.
by Olivier Houchard
· 7 years ago
ccaa7de
MINOR: ssl/proto_http: Add keywords to take care of early data.
by Olivier Houchard
· 7 years ago
c2aae74
MEDIUM: ssl: Handle early data with OpenSSL 1.1.1
by Olivier Houchard
· 7 years ago
253c62b
MINOR: ssl: generated certificate is missing in switchctx early callback
by Emmanuel Hocdet
· 7 years ago
84e417d
MINOR: ssl: support Openssl 1.1.1 early callback for switchctx
by Emmanuel Hocdet
· 7 years ago
48e8755
MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code
by Emmanuel Hocdet
· 7 years ago
31d4dbe
MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE
by Willy Tarreau
· 7 years ago
8de70bc
MINOR: ssl: don't abort after sending 16kB
by Willy Tarreau
· 7 years ago
8c6a364
CLEANUP: cli: remove undocumented "set ssl tls-keys" command
by Lukas Tribus
· 7 years ago
f4bbc43
BUG/MINOR: cli: restore "set ssl tls-key" command
by Lukas Tribus
· 7 years ago
ef60705
BUG/MINOR: ssl: OCSP_single_get0_status can return -1
by Emmanuel Hocdet
· 7 years ago
019f9b1
MINOR: ssl: build with recent BoringSSL library
by Emmanuel Hocdet
· 7 years ago
e966e4e
BUILD: ssl: support OPENSSL_NO_ASYNC #define
by Emmanuel Hocdet
· 7 years ago
872085c
BUG/MINOR: ssl: ocsp response with 'revoked' status is correct
by Emmanuel Hocdet
· 7 years ago
06d80a9
REORG: channel: finally rename the last bi_* / bo_* functions
by Willy Tarreau
· 7 years ago
9130a96
MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks.
by Olivier Houchard
· 7 years ago
953917a
BUG/MEDIUM: ssl: fix OCSP expiry calculation
by Frederik Deweerdt
· 7 years ago
f8bb0ce
MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl
by Christopher Faulet
· 7 years ago
Next »