Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / c985cb167db6283ac5edf87e144e96998b1ed7db / src / ssl_ckch.c
  1. 9bf3a1f BUG/MINOR: ssl: Fix crash when no private key is found in pem by Remi Tricot-Le Breton · Mon May 09 11:07:13 2022 +0200
  2. 0698c80 CLEANUP: applet: remove the unneeded appctx->owner by Willy Tarreau · Wed May 11 14:09:57 2022 +0200
  3. 444d702 BUG/MINOR: ssl: Fix typos in crl-file related CLI commands by Remi Tricot-Le Breton · Thu May 05 17:18:40 2022 +0200
  4. e4b93eb MINOR: ssl: ignore dotfiles when loading a dir w/ ca-file by William Lallemand · Mon May 09 09:29:00 2022 +0200
  5. 1d6dd80 CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl ca/crl" by Willy Tarreau · Thu May 05 08:17:29 2022 +0200
  6. dec23dc CLEANUP: ssl/cli: use a local context for "commit ssl {ca|crl}file" by Willy Tarreau · Wed May 04 20:25:05 2022 +0200
  7. a06b9a5 CLEANUP: ssl/cli: use a local context for "set ssl crlfile" by Willy Tarreau · Wed May 04 20:33:03 2022 +0200
  8. a37693f CLEANUP: ssl/cli: use a local context for "set ssl cafile" by Willy Tarreau · Wed May 04 20:12:55 2022 +0200
  9. 329f4b4 CLEANUP: ssl/cli: use a local context for "set ssl cert" by Willy Tarreau · Wed May 04 20:05:55 2022 +0200
  10. cb1b4ed CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl cert" by Willy Tarreau · Thu May 05 08:15:27 2022 +0200
  11. a645b6a CLEANUP: ssl/cli: use a local context for "commit ssl cert" by Willy Tarreau · Wed May 04 19:58:00 2022 +0200
  12. 96c9a6c CLEANUP: ssl/cli: use a local context for "show ssl cert" by Willy Tarreau · Wed May 04 19:51:37 2022 +0200
  13. f3e8b3e CLEANUP: ssl/cli: use a local context for "show crlfile" by Willy Tarreau · Wed May 04 19:38:57 2022 +0200
  14. 50c2f1e CLEANUP: ssl/cli: use a local context for "show cafile" by Willy Tarreau · Wed May 04 19:26:59 2022 +0200
  15. 4fd9b4d BUG/MINOR: ssl/cli: fix "show ssl cert" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 16:11:50 2022 +0200
  16. 4cf3ef8 BUG/MINOR: ssl/cli: fix "show ssl crl-file" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 16:01:24 2022 +0200
  17. 0630579 BUG/MINOR: ssl/cli: fix "show ssl ca-file <name>" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 15:57:30 2022 +0200
  18. 821c3b0 BUG/MINOR: ssl/cli: fix "show ssl ca-file/crl-file" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 15:47:39 2022 +0200
  19. 03a32e5 BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail by William Lallemand · Tue Apr 26 18:17:15 2022 +0200
  20. 4cfbf3c BUG/MINOR: ssl: memory leak when trying to load a directory with ca-file by William Lallemand · Tue Apr 26 15:57:33 2022 +0200
  21. b0c4827 BUG/MINOR: ssl: free the cafile entries on deinit by William Lallemand · Tue Apr 26 15:44:53 2022 +0200
  22. 6b0a0fb CLEANUP: tree-wide: Remove any ref to stream-interfaces by Christopher Faulet · Mon Apr 04 11:29:28 2022 +0200
  23. a0bdec3 MEDIUM: stream-int/conn-stream: Move blocking flags from SI to CS by Christopher Faulet · Mon Apr 04 07:51:21 2022 +0200
  24. 908628c MEDIUM: tree-wide: Use CS util functions instead of SI ones by Christopher Faulet · Fri Mar 25 16:43:49 2022 +0100
  25. e8041fe BUG/MINOR: ssl/cli: Remove empty lines from CLI output by Remi Tricot-Le Breton · Tue Apr 05 16:44:21 2022 +0200
  26. 80296b4 BUG/MINOR: ssl: handle X509_get_default_cert_dir() returning NULL by William Lallemand · Tue Apr 05 10:19:30 2022 +0200
  27. c6b1763 MINOR: ssl: ca-file @system-ca loads the system trusted CA by William Lallemand · Fri Apr 01 23:39:37 2022 +0200
  28. 4f6ca32 BUG/MINOR: ssl: continue upon error when opening a directory w/ ca-file by William Lallemand · Fri Apr 01 23:36:05 2022 +0200
  29. 87fd994 MEDIUM: ssl: allow loading of a directory with the ca-file directive by William Lallemand · Fri Apr 01 20:12:03 2022 +0200
  30. 30fcca1 MINOR: ssl/lua: CertCache.set() allows to update an SSL certificate file by William Lallemand · Wed Mar 30 12:03:12 2022 +0200
  31. 26654e7 MINOR: ssl: add "crt" in the cert_exts array by William Lallemand · Wed Mar 30 12:01:32 2022 +0200
  32. e60c7d6 MINOR: ssl: export ckch_inst_rebuild() by William Lallemand · Wed Mar 30 11:26:15 2022 +0200
  33. ff8bf98 MINOR: ssl: simplify the certificate extensions array by William Lallemand · Tue Mar 29 10:44:23 2022 +0200
  34. aaacc7e MINOR: ssl: move the cert_exts and the CERT_TYPE enum by William Lallemand · Thu Mar 24 17:48:40 2022 +0100
  35. 3b5a3a6 MINOR: ssl: split the cert commit io handler by William Lallemand · Tue Mar 29 14:29:31 2022 +0200
  36. 86e1c33 MEDIUM: applet: Set the conn-stream as appctx owner instead of the stream-int by Christopher Faulet · Mon Dec 20 17:09:39 2021 +0100
  37. a9a591a BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print by Remi Tricot-Le Breton · Wed Feb 16 14:42:22 2022 +0100
  38. c76c3c4 MEDIUM: ssl: Replace all DH objects by EVP_PKEY on OpenSSLv3 (via HASSL_DH type) by Remi Tricot-Le Breton · Fri Feb 11 12:04:55 2022 +0100
  39. ce99033 BUG/MINOR: ssl: free correctly the sni in the backend SSL cache by William Lallemand · Tue Nov 23 15:15:09 2021 +0100
  40. e18d4e8 BUG/MEDIUM: ssl: backend TLS resumption with sni and TLSv1.3 by William Lallemand · Wed Nov 17 02:59:21 2021 +0100
  41. 025b93e CLEANUP: Apply ha_free.cocci by Tim Duesterhus · Thu Nov 04 21:03:52 2021 +0100
  42. 74f2456 BUILD: ssl_ckch: include ebpttree.h in ssl_ckch.c by Willy Tarreau · Wed Oct 06 17:54:12 2021 +0200
  43. b11ad9e MINOR: ssl: fix typo in usage for 'new ssl ca-file' by Amaury Denoyelle · Fri May 21 11:01:10 2021 +0200
  44. 3faf0cb BUILD: ssl: Fix compilation with BoringSSL by Remi Tricot-Le Breton · Thu Jun 10 18:10:32 2021 +0200
  45. 6056e61 MINOR: ssl: Add the "show ssl cert foo.pem.ocsp" CLI command by Remi Tricot-Le Breton · Thu Jun 10 13:51:15 2021 +0200
  46. da968f6 MINOR: ssl: Add the OCSP entry key when displaying the details of a certificate by Remi Tricot-Le Breton · Thu Jun 10 13:51:14 2021 +0200
  47. a6b2784 CLEANUP: ssl: Fix coverity issues found in CA file hot update code by Remi Tricot-Le Breton · Tue May 18 10:06:00 2021 +0200
  48. 18c7d83 BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 by Remi Tricot-Le Breton · Mon May 17 18:38:34 2021 +0200
  49. d75b99e BUILD/MINOR: ssl: Fix compilation with SSL enabled by Remi Tricot-Le Breton · Mon May 17 11:45:55 2021 +0200
  50. 51e28b6 MEDIUM: ssl: Add "show ssl crl-file" CLI command by Remi Tricot-Le Breton · Tue Apr 20 17:58:01 2021 +0200
  51. eef8e7b MINOR: ssl: Add "abort ssl crl-file" CLI command by Remi Tricot-Le Breton · Tue Apr 20 17:42:02 2021 +0200
  52. 720e3b9 MEDIUM: ssl: Add "new+del crl-file" CLI commands by Remi Tricot-Le Breton · Mon Apr 26 11:00:42 2021 +0200
  53. a51b339 MEDIUM: ssl: Add "set+commit ssl crl-file" CLI commands by Remi Tricot-Le Breton · Tue Apr 20 17:38:14 2021 +0200
  54. f81c70c MINOR: ssl: Chain instances in ca-file entries by Remi Tricot-Le Breton · Tue Apr 20 16:54:21 2021 +0200
  55. c3a8477 MINOR: ssl: Add "del ssl ca-file" CLI command by Remi Tricot-Le Breton · Thu Mar 25 18:13:57 2021 +0100
  56. 9f40fe0 MEDIUM: ssl: Add "new ssl ca-file" CLI command by Remi Tricot-Le Breton · Tue Mar 16 16:21:27 2021 +0100
  57. 2a22e16 MEDIUM: ssl: Add "show ssl ca-file" CLI command by Remi Tricot-Le Breton · Tue Mar 16 11:19:33 2021 +0100
  58. 523f0e4 MINOR: ssl: Refactorize the "show certificate details" code by Remi Tricot-Le Breton · Tue Mar 16 10:11:44 2021 +0100
  59. 0bb4824 MINOR: ssl: Add a cafile_entry type field by Remi Tricot-Le Breton · Fri Apr 16 17:59:23 2021 +0200
  60. d5fd09d MINOR: ssl: Add "abort ssl ca-file" CLI command by Remi Tricot-Le Breton · Thu Mar 11 10:22:52 2021 +0100
  61. a32a68b MEDIUM: ssl: Add "set+commit ssl ca-file" CLI commands by Remi Tricot-Le Breton · Wed Feb 24 17:35:43 2021 +0100
  62. bfadc02 MINOR: ssl: Ckch instance rebuild and cleanup factorization in CLI handler by Remi Tricot-Le Breton · Wed Feb 24 12:20:48 2021 +0100
  63. 38c999b MINOR: ssl: Add helper function to add cafile entries by Remi Tricot-Le Breton · Tue Feb 23 16:28:43 2021 +0100
  64. 383fb14 MEDIUM: ssl: Add a way to load a ca-file content from memory by Remi Tricot-Le Breton · Mon Feb 22 18:26:14 2021 +0100
  65. 5daff3c MINOR: ssl: Add helper functions to create/delete cafile entries by Remi Tricot-Le Breton · Mon Feb 22 15:54:55 2021 +0100
  66. 4458b97 MEDIUM: ssl: Chain ckch instances in ca-file entries by Remi Tricot-Le Breton · Fri Feb 19 17:41:55 2021 +0100
  67. 9f0c936 MINOR: ssl: Allow duplicated entries in the cafile_tree by Remi Tricot-Le Breton · Fri Feb 19 15:06:28 2021 +0100
  68. af8820a CLEANUP: ssl: Move ssl_store related code to ssl_ckch.c by Remi Tricot-Le Breton · Tue Apr 13 10:10:37 2021 +0200
  69. b205bfd CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages by Willy Tarreau · Fri May 07 11:38:37 2021 +0200
  70. 5ba80d6 BUG/MINOR: ssl/cli: fix a lock leak when no memory available by William Lallemand · Tue May 04 16:17:27 2021 +0200
  71. 43899ec BUG/MINOR: ssl: ssl_sock_prepare_ssl_ctx does not return an error code by Remi Tricot-Le Breton · Wed Apr 21 15:32:46 2021 +0200
  72. 2b71810 CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion by Willy Tarreau · Wed Apr 21 07:32:39 2021 +0200
  73. 61cfdf4 CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x) by Willy Tarreau · Sat Feb 20 10:46:51 2021 +0100
  74. 6ac61e3 BUG/MINOR: ssl: potential null pointer dereference in ckchs_dup() by Eric Salama · Tue Feb 23 16:50:57 2021 +0100
  75. 6c09614 BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert" by William Lallemand · Tue Feb 23 14:45:45 2021 +0100
  76. c47d676 BUILD: ssl: introduce fine guard for OpenSSL specific SCTL functions by Ilya Shipitsin · Sat Feb 13 11:45:33 2021 +0500
  77. 3ce6eed MEDIUM: ssl: add a rwlock for SSL server session cache by William Lallemand · Mon Feb 08 10:43:44 2021 +0100
  78. acf8459 CLEANUP: assorted typo fixes in the code and comments by Ilya Shipitsin · Sat Feb 06 22:29:08 2021 +0500
  79. e0de0a6 MINOR: ssl/cli: flush the server session cache upon 'commit ssl cert' by William Lallemand · Wed Feb 03 18:51:01 2021 +0100
  80. 8695ce0 BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store by William Lallemand · Mon Feb 01 15:31:00 2021 +0100
  81. 8d67394 BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file() by William Lallemand · Wed Jan 27 14:58:51 2021 +0100
  82. 795bd9b CLEANUP: ssl: remove SSL_CTX function parameter by William Lallemand · Tue Jan 26 11:27:42 2021 +0100
  83. 1dedb0a CLEANUP: ssl/cli: rework free in cli_io_handler_commit_cert() by William Lallemand · Tue Jan 26 10:18:57 2021 +0100
  84. f3eedfe MEDIUM: ssl: Enable backend certificate hot update by Remi Tricot-Le Breton · Mon Jan 25 17:19:44 2021 +0100
  85. d817dc7 MEDIUM: ssl: Load client certificates in a ckch for backend servers by Remi Tricot-Le Breton · Mon Jan 25 17:19:43 2021 +0100
  86. e5ff141 CLEANUP: Compare the return value of `XXXcmp()` functions with zero by Tim Duesterhus · Sat Jan 02 22:31:53 2021 +0100
  87. a55685b BUG/MEDIUM: ssl/crt-list: bad behavior with "commit ssl cert" by William Lallemand · Tue Dec 15 14:57:46 2020 +0100
  88. 089c138 MEDIUM: ssl: ssl-load-extra-del-ext work only with .crt by William Lallemand · Fri Oct 23 17:35:12 2020 +0200
  89. 8e8581e MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension by William Lallemand · Tue Oct 20 17:36:46 2020 +0200
  90. 5685ccf CLEANUP: ssl/cli: remove test on 'multi' variable in CLI functions by William Lallemand · Wed Sep 16 16:12:25 2020 +0200
  91. bd8e6ed CLEANUP: ssl: remove test on "multi" variable in ckch functions by William Lallemand · Wed Sep 16 16:08:08 2020 +0200
  92. 95fefa1 MEDIUM: ssl/cli: remove support for multi certificates bundle by William Lallemand · Wed Sep 09 12:01:33 2020 +0200
  93. 46a030c CLEANUP: assorted typo fixes in the code and comments by Ilya Shipitsin · Sun Jul 05 16:36:08 2020 +0500
  94. a941952 BUG/MEDIUM: ssl/cli: 'commit ssl cert' crashes when no private key by William Lallemand · Wed Jun 24 16:26:41 2020 +0200
  95. ee8530c MINOR: ssl: free the crtlist and the ckch during the deinit() by William Lallemand · Tue Jun 23 18:19:42 2020 +0200
  96. b255105 CLEANUP: include: tree-wide alphabetical sort of include files by Willy Tarreau · Tue Jun 09 09:07:15 2020 +0200
  97. aeed4a8 REORG: include: move log.h to haproxy/log{,-t}.h by Willy Tarreau · Thu Jun 04 22:01:04 2020 +0200
  98. f1d32c4 REORG: include: move channel.h to haproxy/channel{,-t}.h by Willy Tarreau · Thu Jun 04 21:07:02 2020 +0200
  99. 5e539c9 REORG: include: move stream_interface.h to haproxy/stream_interface{,-t}.h by Willy Tarreau · Thu Jun 04 20:45:39 2020 +0200
  100. 209108d REORG: include: move ssl_sock.h to haproxy/ssl_sock{,-t}.h by Willy Tarreau · Thu Jun 04 20:30:20 2020 +0200