Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / d93e6ec4cc44b48bc5370c724d3661b52ba9976c / src / ssl_sock.c
  1. 77e3b4a CLEANUP: assorted typo fixes in the code and comments by Ilya Shipitsin · Tue Mar 10 12:06:11 2020 +0500
  2. 2d232c2 CLEANUP: ssl: separate the directory loading in a new function by William Lallemand · Fri Mar 06 22:12:35 2020 +0100
  3. 6763016 BUG/MINOR: ssl/cli: sni_ctx' mustn't always be used as filters by William Lallemand · Mon Mar 09 16:56:39 2020 +0100
  4. d04a2a6 BUG/MINOR: ssl-sock: do not return an uninitialized pointer in ckch_inst_sni_ctx_to_sni_filters by Willy Tarreau · Thu Mar 05 16:26:12 2020 +0100
  5. cfca142 MINOR: ssl: reach a ckch_store from a sni_ctx by William Lallemand · Thu Mar 05 10:17:47 2020 +0100
  6. 38df1c8 MINOR: ssl/cli: support crt-list filters by William Lallemand · Wed Dec 04 15:39:35 2019 +0100
  7. f4629a5 BUG/MINOR: connection/debug: do not enforce !event_type on subscribe() anymore by Willy Tarreau · Thu Mar 05 07:41:20 2020 +0100
  8. 842e94e MINOR: ssl: add "ca-verify-file" directive by Emmanuel Hocdet · Mon Dec 16 16:39:17 2019 +0100
  9. 8588857 BUG/MEDIUM: ssl: chain must be initialized with sk_X509_new_null() by William Lallemand · Thu Feb 27 14:48:35 2020 +0100
  10. cf8cf6c MINOR: ssl/cli: "show ssl cert" command should print the "Chain Filename:" by Emmanuel Hocdet · Tue Feb 18 16:06:14 2020 +0100
  11. 6f507c7 MINOR: ssl: resolve ocsp_issuer later by Emmanuel Hocdet · Tue Feb 18 15:56:39 2020 +0100
  12. b90d2cb MINOR: ssl: resolve issuers chain later by Emmanuel Hocdet · Tue Feb 18 15:27:32 2020 +0100
  13. 75a7aa1 MINOR: ssl: move find certificate chain code to its own function by Emmanuel Hocdet · Tue Feb 18 15:19:24 2020 +0100
  14. e0f3fd5 CLEANUP: ssl: move issuer_chain tree and definition by William Lallemand · Tue Feb 25 14:53:06 2020 +0100
  15. a90e593 MINOR: ssl/cli: reorder 'show ssl cert' output by William Lallemand · Tue Feb 25 14:07:58 2020 +0100
  16. bb7288a MINOR: ssl/cli: 'show ssl cert'displays the issuer in the chain by William Lallemand · Tue Feb 25 14:04:33 2020 +0100
  17. 35f4a9d MINOR: ssl/cli: 'show ssl cert' displays the chain by William Lallemand · Tue Feb 25 11:56:32 2020 +0100
  18. 105599c BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions by Willy Tarreau · Tue Feb 25 08:59:23 2020 +0100
  19. ded15b7 BUILD: ssl: only pass unsigned chars to isspace() by Willy Tarreau · Tue Feb 25 07:51:59 2020 +0100
  20. 3f25ae3 BUG/MINOR: ssl: load .key in a directory only after PEM by William Lallemand · Mon Feb 24 16:30:12 2020 +0100
  21. 4c5adbf MINOR: ssl: load the key from a dedicated file by William Lallemand · Mon Feb 24 14:23:22 2020 +0100
  22. e8aa5f2 BUG/MINOR: ssl: Stop passing dynamic strings as format arguments by Tim Duesterhus · Wed Feb 19 11:41:13 2020 +0100
  23. 70df7bf MINOR: ssl: add "issuers-chain-path" directive. by Emmanuel Hocdet · Fri Jan 04 11:08:20 2019 +0100
  24. 696f317 BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init by William Lallemand · Fri Feb 07 20:45:24 2020 +0100
  25. 4dd145a BUG/MINOR: ssl: clear the SSL errors on DH loading failure by William Lallemand · Wed Feb 05 11:46:33 2020 +0100
  26. 731248f BUG/MINOR: ssl: we may only ignore the first 64 errors by Willy Tarreau · Tue Feb 04 14:02:02 2020 +0100
  27. 3af48e7 MINOR: ssl: ssl-load-extra-files configure loading of files by William Lallemand · Mon Feb 03 17:15:52 2020 +0100
  28. a25a19f BUG/MINOR: ssl/cli: fix unused variable with openssl < 1.0.2 by William Lallemand · Wed Jan 29 00:04:24 2020 +0100
  29. efe5e8e BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure. by Olivier Houchard · Fri Jan 24 15:17:38 2020 +0100
  30. 6d53cd6 MINOR: ssl: Remove dead code. by Olivier Houchard · Fri Jan 24 15:13:57 2020 +0100
  31. 3139c1b BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer. by Frédéric Lécaille · Fri Jan 24 14:56:18 2020 +0100
  32. 911db9b MEDIUM: connection: use CO_FL_WAIT_XPRT more consistently than L4/L6/HANDSHAKE by Willy Tarreau · Thu Jan 23 16:27:54 2020 +0100
  33. 4450b58 MINOR: connection: remove CO_FL_SSL_WAIT_HS from CO_FL_HANDSHAKE by Willy Tarreau · Thu Jan 23 15:23:13 2020 +0100
  34. 220a26c BUG/MEDIUM: 0rtt: Only consider the SSL handshake. by Olivier Houchard · Thu Jan 23 14:57:36 2020 +0100
  35. c192b0a MEDIUM: connection: remove CO_FL_CONNECTED and only rely on CO_FL_WAIT_* by Willy Tarreau · Thu Jan 23 09:11:58 2020 +0100
  36. 078156d BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert" by Emmanuel Hocdet · Wed Jan 22 17:02:53 2020 +0100
  37. dad239d BUG/MINOR: ssl: typo in previous patch by William Lallemand · Thu Jan 23 11:59:02 2020 +0100
  38. 5c3c96f BUG/MINOR: ssl: memory leak w/ the ocsp_issuer by William Lallemand · Thu Jan 23 11:53:13 2020 +0100
  39. b829dda BUG/MINOR: ssl: increment issuer refcount if in chain by William Lallemand · Thu Jan 23 11:42:52 2020 +0100
  40. 75b15f7 BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded by William Lallemand · Thu Jan 23 10:56:05 2020 +0100
  41. 477902b MEDIUM: connections: Get ride of the xprt_done callback. by Olivier Houchard · Wed Jan 22 18:08:48 2020 +0100
  42. 6b5b44e BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent by Emmanuel Hocdet · Fri Dec 20 17:47:12 2019 +0100
  43. e9ff899 BUILD: ssl: more elegant anti-replay feature presence check by Ilya Shipitsin · Sun Jan 19 12:20:14 2020 +0500
  44. 224a087 BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak by Emmanuel Hocdet · Thu Jan 16 15:15:49 2020 +0100
  45. eb73dc3 BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak by Emmanuel Hocdet · Thu Jan 16 14:45:00 2020 +0100
  46. 0667fae BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak by Emmanuel Hocdet · Thu Jan 16 14:41:36 2020 +0100
  47. ebf840b MINOR: ssl: accept 'verify' bind option with 'set ssl cert' by Emmanuel Hocdet · Mon Jan 20 17:18:00 2020 +0100
  48. 71f8297 MINOR: ssl: Add support for returning the dn samples from ssl_(c|f)_(i|s)_dn in LDAP v3 (RFC2253) format. by Elliot Otchet · Wed Jan 15 08:12:14 2020 -0500
  49. ee1a6fc MINOR: connection: make the last arg of subscribe() a struct wait_event* by Willy Tarreau · Fri Jan 17 07:52:13 2020 +0100
  50. 113d52b MEDIUM: ssl: merge recv_wait and send_wait in ssl_sock by Willy Tarreau · Fri Jan 10 09:20:26 2020 +0100
  51. 3381bf8 MEDIUM: connection: get rid of CO_FL_CURR_* flags by Willy Tarreau · Fri Jan 17 17:39:35 2020 +0100
  52. 9a8ef7f CLEANUP: ssl: remove opendir call in ssl_sock_load_cert by William Dauchy · Mon Jan 13 17:52:49 2020 +0100
  53. 7f4f7f1 MINOR: ssl: Remove unused variable "need_out". by Olivier Houchard · Sun Jan 05 16:45:14 2020 +0100
  54. a26d1e1 BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility by Lukas Tribus · Fri Dec 20 18:47:18 2019 +0100
  55. 54907bb BUG/MEDIUM: ssl: Revamp the way early data are handled. by Olivier Houchard · Thu Dec 19 15:02:39 2019 +0100
  56. ba22e90 BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2 by William Lallemand · Wed Dec 18 20:36:01 2019 +0100
  57. d4f946c MINOR: ssl/cli: 'show ssl cert' give information on the certificates by William Lallemand · Thu Dec 05 10:26:40 2019 +0100
  58. 545989f BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. by Olivier Houchard · Tue Dec 17 15:39:54 2019 +0100
  59. 3777e3a BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 by Emmanuel Hocdet · Wed Nov 06 16:05:34 2019 +0100
  60. 920b035 BUG/MINOR: ssl/cli: don't overwrite the filters variable by William Lallemand · Wed Dec 04 15:33:01 2019 +0100
  61. 230662a BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights by William Lallemand · Tue Dec 03 13:32:54 2019 +0100
  62. 140b64f BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2 by Emmanuel Hocdet · Thu Oct 24 18:33:10 2019 +0200
  63. b270e81 MINOR: ssl: deduplicate crl-file by Emmanuel Hocdet · Thu Nov 21 19:09:31 2019 +0100
  64. 129d328 MINOR: ssl: compute ca-list from deduplicate ca-file by Emmanuel Hocdet · Thu Oct 24 18:08:51 2019 +0200
  65. d4f9a60 MINOR: ssl: deduplicate ca-file by Emmanuel Hocdet · Thu Oct 24 11:32:47 2019 +0200
  66. 9312853 CLEANUP: ssl: Clean up error handling by Tim Duesterhus · Sat Nov 23 23:45:10 2019 +0100
  67. c8bb153 CLEANUP: ssl: check if a transaction exists once before setting it by William Dauchy · Sun Nov 24 15:04:20 2019 +0100
  68. c0e820c BUG/MINOR: ssl: Stop passing dynamic strings as format arguments by Tim Duesterhus · Sat Nov 23 23:52:30 2019 +0100
  69. d14b49c BUG/MINOR: ssl: fix curve setup with LibreSSL by Lukas Tribus · Sun Nov 24 18:20:40 2019 +0100
  70. 5f1fa7d MINOR: ssl: fix possible null dereference in error handling by William Dauchy · Sat Nov 23 21:14:33 2019 +0100
  71. ed44243 MINOR: ssl/cli: display warning during 'commit ssl cert' by William Lallemand · Thu Nov 21 16:41:07 2019 +0100
  72. 8ef0c2a MEDIUM: ssl/cli: apply SSL configuration on SSL_CTX during commit by William Lallemand · Thu Nov 21 16:30:34 2019 +0100
  73. 8b45391 MINOR: ssl: ssl_sock_prepare_ctx() return an error code by William Lallemand · Thu Nov 21 15:48:10 2019 +0100
  74. 3c8bde8 BUILD/MINOR: ssl: fix compiler warning about useless statement by Eric Salama · Wed Nov 20 11:33:40 2019 +0100
  75. 0bc9c8a MINOR: ssl/cli: 'abort ssl cert' deletes an on-going transaction by William Lallemand · Tue Nov 19 15:51:51 2019 +0100
  76. c5fdf0f BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 by Emmanuel Hocdet · Mon Nov 04 15:49:46 2019 +0100
  77. c3775d2 BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer by Emmanuel Hocdet · Mon Nov 04 18:19:32 2019 +0100
  78. 21724f0 MINOR: ssl/cli: replace the default_ctx during 'commit ssl cert' by William Lallemand · Mon Nov 04 17:56:13 2019 +0100
  79. 3246d94 BUG/MINOR: ssl/cli: fix an error when a file is not found by William Lallemand · Mon Nov 04 14:02:11 2019 +0100
  80. 37031b8 BUG/MINOR: ssl/cli: unable to update a certificate without bundle extension by William Lallemand · Mon Nov 04 13:38:53 2019 +0100
  81. 8a7fdf0 BUG/MEDIUM: ssl/cli: don't alloc path when cert not found by William Lallemand · Mon Nov 04 10:59:32 2019 +0100
  82. 40f2f1e BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert by Emmanuel Hocdet · Wed Oct 30 17:31:28 2019 +0100
  83. eaad5cc MINOR: ssl: BoringSSL ocsp_response does not need issuer by Emmanuel Hocdet · Fri Oct 25 12:19:00 2019 +0200
  84. 83cbd3c BUG/MINOR: ssl: double free on error for ckch->{key,cert} by Emmanuel Hocdet · Fri Oct 25 11:55:03 2019 +0200
  85. ed17f47 BUG/MINOR: ssl: ckch->chain must be initialized by Emmanuel Hocdet · Thu Oct 24 18:28:33 2019 +0200
  86. f6ac4fa BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl by Emmanuel Hocdet · Wed Oct 30 17:41:27 2019 +0100
  87. 33cc76f BUG/MINOR: ssl/cli: check trash allocation in cli_io_handler_commit_cert() by William Lallemand · Thu Oct 31 11:43:45 2019 +0100
  88. beea2a4 CLEANUP: ssl/cli: remove leftovers of bundle/certs (it < 2) by William Lallemand · Wed Oct 30 17:45:33 2019 +0100
  89. bc6ca7c MINOR: ssl/cli: rework 'set ssl cert' as 'set/commit' by William Lallemand · Tue Oct 29 23:48:19 2019 +0100
  90. 0580052 BUILD/MINOR: ssl: shut up a build warning about format truncation by Willy Tarreau · Tue Oct 29 10:48:50 2019 +0100
  91. 430413e MINOR: ssl/cli: rework the 'set ssl cert' IO handler by William Lallemand · Mon Oct 28 14:30:47 2019 +0100
  92. 1212db4 BUG/MINOR: ssl/cli: cleanup on cli_parse_set_cert error by William Lallemand · Mon Oct 28 14:26:56 2019 +0100
  93. f29cdef BUG/MINOR: ssl/cli: out of bounds when built without ocsp/sctl by William Lallemand · Wed Oct 23 15:00:52 2019 +0200
  94. 541a534 BUG/MINOR: ssl/cli: fix build of SCTL and OCSP by William Lallemand · Wed Oct 23 14:11:54 2019 +0200
  95. 8f840d7 MEDIUM: cli/ssl: handle the creation of SSL_CTX in an IO handler by William Lallemand · Wed Oct 23 10:53:05 2019 +0200
  96. 0c3b7d9 MINOR: ssl/cli: assignate a new ckch_store by William Lallemand · Fri Oct 18 11:27:07 2019 +0200
  97. 8c1cdde MINOR: ssl: new functions duplicate and free a ckch_store by William Lallemand · Fri Oct 18 10:58:14 2019 +0200
  98. 8d0f893 MINOR: ssl: copy a ckch from src to dst by William Lallemand · Thu Oct 17 18:03:58 2019 +0200
  99. 455af50 MINOR: ssl: update ssl_sock_free_cert_key_and_chain_contents by William Lallemand · Thu Oct 17 18:04:45 2019 +0200
  100. 44b3532 MINOR: ssl/cli: update ocsp/issuer/sctl file from the CLI by William Lallemand · Thu Oct 17 16:28:40 2019 +0200