Gitiles
Code Review
Sign In
git01.mediatek.com
/
haproxy
/
b8038996e914ce4070ba502f79ea89d2ebf8465d
/
src
/
ssl_ckch.c
7faac7c
MINOR: tree-wide: Simplifiy some tests on SHUT flags by accessing SCs directly
by Christopher Faulet
· Tue Apr 04 10:05:27 2023 +0200
87633c3
MEDIUM: tree-wide: Move flags about shut from the channel to the SC
by Christopher Faulet
· Mon Apr 03 18:32:50 2023 +0200
11fddb9
MINOR: ssl-ckch: Stop to test CF_WRITE_ERROR to commit CA/CRL file
by Christopher Faulet
· Thu Jan 26 08:03:39 2023 +0100
da89e9b
MINOR: channel/applets: Stop to test CF_WRITE_ERROR flag if CF_SHUTW is enough
by Christopher Faulet
· Wed Jan 04 14:11:10 2023 +0100
cc34667
MEDIUM: ssl: Add ocsp_certid in ckch structure and discard ocsp buffer early
by Remi Tricot-Le Breton
· Tue Dec 20 11:11:08 2022 +0100
52ddd99
MEDIUM: ssl: rename the struct "cert_key_and_chain" to "ckch_data"
by William Lallemand
· Tue Nov 22 11:51:53 2022 +0100
0a2d632
BUG/MINOR: ssl: shut the ca-file errors emitted during httpclient init
by William Lallemand
· Thu Nov 24 19:14:19 2022 +0100
3992f55
MINOR: ssl: forgotten newline in error messages on ca-file
by William Lallemand
· Thu Nov 24 18:45:28 2022 +0100
3cbf09e
MEDIUM: ssl: add minimal WolfSSL support with OpenSSL compatibility mode
by Uriah Pollock
· Wed Nov 23 16:41:25 2022 +0100
78c7a06
MINOR: ssl: reintroduce ERR_GET_LIB(ret) == ERR_LIB_PEM in ssl_sock_load_pem_into_ckch()
by William Lallemand
· Tue Nov 15 17:12:03 2022 +0100
6fcc86b
BUILD: ssl: use __fallthrough in cli_io_handler_commit_{cert,cafile_crlfile}()
by Willy Tarreau
· Mon Nov 14 07:05:31 2022 +0100
1ef1b85
CLEANUP: ssl: remove dead code in ssl_sock_load_pem_into_ckch()
by William Lallemand
· Sun Oct 30 19:00:06 2022 +0100
432cd1a
MEDIUM: ssl: be stricter about chain error
by William Lallemand
· Tue Oct 25 15:55:13 2022 +0200
a538452
MINOR: ssl: add the SSL error string before the chain
by William Lallemand
· Tue Oct 25 15:53:01 2022 +0200
f784b90
MINOR: ssl: add the SSL error string when failing to load a certificate
by William Lallemand
· Tue Oct 25 12:31:39 2022 +0200
e0fa91f
BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
by William Lallemand
· Wed Aug 31 14:26:49 2022 +0200
0bfa3e7
BUG/MINOR: ssl: revert two wrong fixes with ckhi_link
by William Lallemand
· Tue Aug 30 17:32:38 2022 +0200
ddd480c
BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released
by Christopher Faulet
· Tue Aug 30 16:27:49 2022 +0200
056ad01
BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
by William Lallemand
· Mon Aug 29 18:53:34 2022 +0200
946580e
BUG/MINOR: ssl: fix deinit of the ca-file tree
by William Lallemand
· Mon Aug 29 18:36:18 2022 +0200
62c0b99
MINOR: ssl/cli: implement "add ssl ca-file"
by William Lallemand
· Fri Jul 29 17:50:58 2022 +0200
d4774d3
MINOR: ssl: handle ca-file appending in cafile_entry
by William Lallemand
· Fri Jul 29 17:08:02 2022 +0200
ec7eb59
BUG/MINOR: ssl/cli: error when the ca-file is empty
by William Lallemand
· Thu Aug 18 15:53:02 2022 +0200
0f17ab2
MINOR: ssl: enhance ca-file error emitting
by William Lallemand
· Tue Jul 19 18:03:16 2022 +0200
4348232
BUG/MINOR: ssl: allow duplicate certificates in ca-file directories
by William Lallemand
· Mon Jul 18 18:42:52 2022 +0200
1bad7db
BUG/MINOR: ssl: Do not look for key in extra files if already in pem
by Remi Tricot-Le Breton
· Tue Jun 07 16:29:44 2022 +0200
d543ae0
BUILD: ssl_ckch: fix "maybe-uninitialized" build error on gcc-9.4 + ARM
by Willy Tarreau
· Wed Jun 22 05:40:25 2022 +0200
1f90f33
BUG/MINOR: ssl_ckch: Fix another possible uninitialized value
by Christopher Faulet
· Fri Jun 03 16:34:30 2022 +0200
ea2c8c6
BUILD: ssl_ckch: Fix build error about a possible uninitialized value
by Christopher Faulet
· Fri Jun 03 16:37:31 2022 +0200
88041b3
BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler
by Christopher Faulet
· Fri Jun 03 16:26:56 2022 +0200
677cb4f
BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler
by Christopher Faulet
· Fri Jun 03 16:25:35 2022 +0200
d1d2e4d
BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
by Christopher Faulet
· Fri Jun 03 16:24:02 2022 +0200
d6c66f0
MINOR: ssl_ckch: Remove service context for "set ssl crl-file" command
by Christopher Faulet
· Fri Jun 03 11:59:10 2022 +0200
132c595
MINOR: ssl_ckch: Remove service context for "set ssl ca-file" command
by Christopher Faulet
· Fri Jun 03 11:56:26 2022 +0200
24a20b9
MINOR: ssl_ckch: Remove service context for "set ssl cert" command
by Christopher Faulet
· Fri Jun 03 11:50:40 2022 +0200
6af2fc6
MINOR: ssl_ckch: Simplify structure used to commit changes on CA/CRL entries
by Christopher Faulet
· Fri Jun 03 11:42:38 2022 +0200
dd0c483
CLEANUP: ssl_ckch: Remove unused field in commit_cacrlfile_ctx structure
by Christopher Faulet
· Fri Jun 03 11:35:37 2022 +0200
f814c4a
BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd
by Christopher Faulet
· Fri Jun 03 11:32:05 2022 +0200
3e94f5d
BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
by Christopher Faulet
· Fri Jun 03 10:46:40 2022 +0200
5a2154b
BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
by Christopher Faulet
· Fri Jun 03 10:42:48 2022 +0200
9a99e54
BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield
by Christopher Faulet
· Fri Jun 03 10:32:18 2022 +0200
51095ee
BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx
by Christopher Faulet
· Fri Jun 03 10:21:27 2022 +0200
ddc8e1c
MINOR: ssl_ckch: Simplify I/O handler to commit changes on CA/CRL entry
by Christopher Faulet
· Fri Jun 03 09:00:09 2022 +0200
14df913
CLEANUP: ssl_ckch: Use corresponding enum for commit_cacrlfile_ctx.cafile_type
by Christopher Faulet
· Fri Jun 03 09:17:09 2022 +0200
e9c3bd1
BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases
by Christopher Faulet
· Tue May 31 17:51:06 2022 +0200
9d56e24
BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
by Christopher Faulet
· Tue May 31 16:37:01 2022 +0200
1e00c7e
BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry
by Christopher Faulet
· Tue May 31 18:10:19 2022 +0200
e2ef4dd
BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
by Christopher Faulet
· Tue May 31 18:07:59 2022 +0200
1f08fa4
BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
by Christopher Faulet
· Tue May 31 18:06:30 2022 +0200
926fefc
BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
by Christopher Faulet
· Tue May 31 18:04:25 2022 +0200
4329dcc
BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails
by Christopher Faulet
· Tue May 31 18:03:26 2022 +0200
01a09e2
BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
by Christopher Faulet
· Tue May 31 18:02:30 2022 +0200
c12b321
CLEANUP: applet: rename appctx_cs() to appctx_sc()
by Willy Tarreau
· Fri May 27 11:08:15 2022 +0200
475e463
CLEANUP: cli: rename all occurrences of stconn "cs" to "sc"
by Willy Tarreau
· Fri May 27 10:26:46 2022 +0200
cb086c6
REORG: stconn: rename conn_stream.{c,h} to stconn.{c,h}
by Willy Tarreau
· Fri May 27 09:47:12 2022 +0200
5edca2f
REORG: rename cs_utils.h to sc_strm.h
by Willy Tarreau
· Fri May 27 09:25:10 2022 +0200
4164eb9
MINOR: stconn: start to rename cs_rx_endp_{more,done}() to se_have_{no_,}more_data()
by Willy Tarreau
· Wed May 25 15:42:03 2022 +0200
40a9c32
CLEANUP: stconn: rename cs_{i,o}{b,c} to sc_{i,o}{b,c}
by Willy Tarreau
· Wed May 18 15:55:18 2022 +0200
d0a06d5
CLEANUP: applet: use applet_put*() everywhere possible
by Willy Tarreau
· Wed May 18 15:07:19 2022 +0200
4596fe2
CLEANUP: conn_stream: tree-wide rename to stconn (stream connector)
by Willy Tarreau
· Tue May 17 19:07:51 2022 +0200
9bf3a1f
BUG/MINOR: ssl: Fix crash when no private key is found in pem
by Remi Tricot-Le Breton
· Mon May 09 11:07:13 2022 +0200
0698c80
CLEANUP: applet: remove the unneeded appctx->owner
by Willy Tarreau
· Wed May 11 14:09:57 2022 +0200
444d702
BUG/MINOR: ssl: Fix typos in crl-file related CLI commands
by Remi Tricot-Le Breton
· Thu May 05 17:18:40 2022 +0200
e4b93eb
MINOR: ssl: ignore dotfiles when loading a dir w/ ca-file
by William Lallemand
· Mon May 09 09:29:00 2022 +0200
1d6dd80
CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl ca/crl"
by Willy Tarreau
· Thu May 05 08:17:29 2022 +0200
dec23dc
CLEANUP: ssl/cli: use a local context for "commit ssl {ca|crl}file"
by Willy Tarreau
· Wed May 04 20:25:05 2022 +0200
a06b9a5
CLEANUP: ssl/cli: use a local context for "set ssl crlfile"
by Willy Tarreau
· Wed May 04 20:33:03 2022 +0200
a37693f
CLEANUP: ssl/cli: use a local context for "set ssl cafile"
by Willy Tarreau
· Wed May 04 20:12:55 2022 +0200
329f4b4
CLEANUP: ssl/cli: use a local context for "set ssl cert"
by Willy Tarreau
· Wed May 04 20:05:55 2022 +0200
cb1b4ed
CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl cert"
by Willy Tarreau
· Thu May 05 08:15:27 2022 +0200
a645b6a
CLEANUP: ssl/cli: use a local context for "commit ssl cert"
by Willy Tarreau
· Wed May 04 19:58:00 2022 +0200
96c9a6c
CLEANUP: ssl/cli: use a local context for "show ssl cert"
by Willy Tarreau
· Wed May 04 19:51:37 2022 +0200
f3e8b3e
CLEANUP: ssl/cli: use a local context for "show crlfile"
by Willy Tarreau
· Wed May 04 19:38:57 2022 +0200
50c2f1e
CLEANUP: ssl/cli: use a local context for "show cafile"
by Willy Tarreau
· Wed May 04 19:26:59 2022 +0200
4fd9b4d
BUG/MINOR: ssl/cli: fix "show ssl cert" not to mix cli+ssl contexts
by Willy Tarreau
· Wed May 04 16:11:50 2022 +0200
4cf3ef8
BUG/MINOR: ssl/cli: fix "show ssl crl-file" not to mix cli+ssl contexts
by Willy Tarreau
· Wed May 04 16:01:24 2022 +0200
0630579
BUG/MINOR: ssl/cli: fix "show ssl ca-file <name>" not to mix cli+ssl contexts
by Willy Tarreau
· Wed May 04 15:57:30 2022 +0200
821c3b0
BUG/MINOR: ssl/cli: fix "show ssl ca-file/crl-file" not to mix cli+ssl contexts
by Willy Tarreau
· Wed May 04 15:47:39 2022 +0200
03a32e5
BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail
by William Lallemand
· Tue Apr 26 18:17:15 2022 +0200
4cfbf3c
BUG/MINOR: ssl: memory leak when trying to load a directory with ca-file
by William Lallemand
· Tue Apr 26 15:57:33 2022 +0200
b0c4827
BUG/MINOR: ssl: free the cafile entries on deinit
by William Lallemand
· Tue Apr 26 15:44:53 2022 +0200
6b0a0fb
CLEANUP: tree-wide: Remove any ref to stream-interfaces
by Christopher Faulet
· Mon Apr 04 11:29:28 2022 +0200
a0bdec3
MEDIUM: stream-int/conn-stream: Move blocking flags from SI to CS
by Christopher Faulet
· Mon Apr 04 07:51:21 2022 +0200
908628c
MEDIUM: tree-wide: Use CS util functions instead of SI ones
by Christopher Faulet
· Fri Mar 25 16:43:49 2022 +0100
e8041fe
BUG/MINOR: ssl/cli: Remove empty lines from CLI output
by Remi Tricot-Le Breton
· Tue Apr 05 16:44:21 2022 +0200
80296b4
BUG/MINOR: ssl: handle X509_get_default_cert_dir() returning NULL
by William Lallemand
· Tue Apr 05 10:19:30 2022 +0200
c6b1763
MINOR: ssl: ca-file @system-ca loads the system trusted CA
by William Lallemand
· Fri Apr 01 23:39:37 2022 +0200
4f6ca32
BUG/MINOR: ssl: continue upon error when opening a directory w/ ca-file
by William Lallemand
· Fri Apr 01 23:36:05 2022 +0200
87fd994
MEDIUM: ssl: allow loading of a directory with the ca-file directive
by William Lallemand
· Fri Apr 01 20:12:03 2022 +0200
30fcca1
MINOR: ssl/lua: CertCache.set() allows to update an SSL certificate file
by William Lallemand
· Wed Mar 30 12:03:12 2022 +0200
26654e7
MINOR: ssl: add "crt" in the cert_exts array
by William Lallemand
· Wed Mar 30 12:01:32 2022 +0200
e60c7d6
MINOR: ssl: export ckch_inst_rebuild()
by William Lallemand
· Wed Mar 30 11:26:15 2022 +0200
ff8bf98
MINOR: ssl: simplify the certificate extensions array
by William Lallemand
· Tue Mar 29 10:44:23 2022 +0200
aaacc7e
MINOR: ssl: move the cert_exts and the CERT_TYPE enum
by William Lallemand
· Thu Mar 24 17:48:40 2022 +0100
3b5a3a6
MINOR: ssl: split the cert commit io handler
by William Lallemand
· Tue Mar 29 14:29:31 2022 +0200
86e1c33
MEDIUM: applet: Set the conn-stream as appctx owner instead of the stream-int
by Christopher Faulet
· Mon Dec 20 17:09:39 2021 +0100
a9a591a
BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print
by Remi Tricot-Le Breton
· Wed Feb 16 14:42:22 2022 +0100
c76c3c4
MEDIUM: ssl: Replace all DH objects by EVP_PKEY on OpenSSLv3 (via HASSL_DH type)
by Remi Tricot-Le Breton
· Fri Feb 11 12:04:55 2022 +0100
ce99033
BUG/MINOR: ssl: free correctly the sni in the backend SSL cache
by William Lallemand
· Tue Nov 23 15:15:09 2021 +0100
e18d4e8
BUG/MEDIUM: ssl: backend TLS resumption with sni and TLSv1.3
by William Lallemand
· Wed Nov 17 02:59:21 2021 +0100
Next »