Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / f2b02cfd940eec2810590ef15b37631defd11b6b / src / cfgparse-ssl.c
  1. c57fb3b MINOR: cfgparse-ssl: avoid a possible crash on OOM in ssl_bind_parse_npn() by Willy Tarreau · Thu Dec 29 11:11:02 2022 +0100
  2. c8d814e MINOR: ssl: Move OCSP code to a dedicated source file by Remi Tricot-Le Breton · Tue Dec 20 11:11:17 2022 +0100
  3. aff8277 MEDIUM: ssl: Start update task if at least one ocsp-update option is set to on by Remi Tricot-Le Breton · Tue Dec 20 11:11:14 2022 +0100
  4. 03c5fff MINOR: ssl: Add crt-list ocsp-update option by Remi Tricot-Le Breton · Tue Dec 20 11:11:10 2022 +0100
  5. f813dab BUG/MINOR: ssl: crt-ignore-err memory leak with 'all' parameter by William Lallemand · Mon Nov 14 11:36:11 2022 +0100
  6. 380085d CLEANUP: ssl: remove printf in bind_parse_ignore_err by William Lallemand · Mon Nov 14 11:34:07 2022 +0100
  7. 960fb74 MEDIUM: ssl: {ca,crt}-ignore-err can now use error constant name by William Lallemand · Thu Nov 03 16:31:50 2022 +0100
  8. 9b25982 BUG/MEDIUM: ssl: Verify error codes can exceed 63 by Remi Tricot-Le Breton · Thu Nov 10 10:48:58 2022 +0100
  9. 2071a99 MINOR: listener/ssl: set the SSL xprt layer only once the whole config is known by Willy Tarreau · Fri May 20 17:14:31 2022 +0200
  10. 1ea6e6a CLEANUP: listener: replace bind_conf->generate_cers with BC_O_GENERATE_CERTS by Willy Tarreau · Fri May 20 16:03:18 2022 +0200
  11. 11ba404 CLEANUP: listener: replace all uses of bind_conf->is_ssl with BC_O_USE_SSL by Willy Tarreau · Fri May 20 15:56:32 2022 +0200
  12. ccc0355 MINOR: ssl: Add 'ssl-provider-path' global option by Remi Tricot-Le Breton · Tue May 17 15:18:37 2022 +0200
  13. 1746a38 MINOR: ssl: Add 'ssl-provider' global option by Remi Tricot-Le Breton · Mon May 16 16:24:33 2022 +0200
  14. e809765 MINOR: ssl: Add 'ssl-propquery' global option by Remi Tricot-Le Breton · Mon May 16 16:24:32 2022 +0200
  15. 393e42a BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation by Willy Tarreau · Mon May 09 10:31:28 2022 +0200
  16. 1024393 MINOR: ssl: add a new global option "tune.ssl.hard-maxrecord" by Thomas Prückl · Wed Apr 27 13:04:54 2022 +0200
  17. 7e2e4f8 CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h by Willy Tarreau · Tue Apr 26 10:30:35 2022 +0200
  18. d7bfbe2 BUILD: ssl: add USE_ENGINE and disable the openssl engine by default by William Lallemand · Mon Apr 11 18:41:24 2022 +0200
  19. 2c776f1 BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server by William Lallemand · Tue Dec 28 18:47:17 2021 +0100
  20. 0d1dd0e BUILD: cfgparse-ssl: add missing errors.h by Willy Tarreau · Wed Oct 06 19:00:49 2021 +0200
  21. 79b90e8 MINOR: server: enable more keywords for ssl checks for dynamic servers by Amaury Denoyelle · Mon Sep 20 15:15:19 2021 +0200
  22. 310a260 MEDIUM: config: Deprecate tune.ssl.capture-cipherlist-size by Marcin Deranek · Tue Jul 13 19:04:24 2021 +0200
  23. 34897d2 MINOR: ssl: support ssl keyword for dynamic servers by Amaury Denoyelle · Wed May 19 09:49:41 2021 +0200
  24. 71f9a06 MINOR: ssl: enable a series of ssl keywords for dynamic servers by Amaury Denoyelle · Thu May 20 15:10:55 2021 +0200
  25. fde8260 MINOR: ssl: support crl arg for dynamic servers by Amaury Denoyelle · Mon Jun 14 10:10:32 2021 +0200
  26. 93be21e MINOR: ssl: support crt arg for dynamic servers by Amaury Denoyelle · Fri May 21 16:22:53 2021 +0200
  27. 4825502 MINOR: ssl: support ca-file arg for dynamic servers by Amaury Denoyelle · Wed May 19 09:46:59 2021 +0200
  28. 7addf56 MINOR: ssl: split parse functions for alpn/check-alpn by Amaury Denoyelle · Fri May 21 16:45:10 2021 +0200
  29. 36aa451 MINOR: ssl: render file-access optional on server crt loading by Amaury Denoyelle · Fri May 21 16:22:11 2021 +0200
  30. 1f9333b MINOR: ssl: check allocation in parse npn/sni by Amaury Denoyelle · Tue Jun 01 11:54:23 2021 +0200
  31. cbbf87f MINOR: ssl: check allocation in parse ciphers/ciphersuites/verifyhost by Amaury Denoyelle · Wed May 19 14:57:04 2021 +0200
  32. 949c94e MINOR: ssl: check allocation in ssl_sock_init_srv by Amaury Denoyelle · Wed May 19 11:52:50 2021 +0200
  33. 722180a BUILD: make tune.ssl.keylog available again by William Lallemand · Wed Jun 09 16:46:12 2021 +0200
  34. 0bb4824 MINOR: ssl: Add a cafile_entry type field by Remi Tricot-Le Breton · Fri Apr 16 17:59:23 2021 +0200
  35. af8820a CLEANUP: ssl: Move ssl_store related code to ssl_ckch.c by Remi Tricot-Le Breton · Tue Apr 13 10:10:37 2021 +0200
  36. cc81eca BUILD: config: cfgparse-ssl.c needs tools.h by Willy Tarreau · Sat May 08 12:54:42 2021 +0200
  37. 2b71810 CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion by Willy Tarreau · Wed Apr 21 07:32:39 2021 +0200
  38. a0fd35b BUILD: ssl: guard ecdh functions with SSL_CTX_set_tmp_ecdh macro by Ilya Shipitsin · Sun Mar 21 12:50:47 2021 +0500
  39. fb00f31 BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list" by Remi Tricot-Le Breton · Tue Mar 23 16:41:53 2021 +0100
  40. 76e10e7 MINOR: server: prepare parsing for dynamic servers by Amaury Denoyelle · Mon Mar 08 17:08:01 2021 +0100
  41. 0182516 CLEANUP: config: make the cfg_keyword parsers take a const for the defproxy by Willy Tarreau · Tue Mar 09 09:53:46 2021 +0100
  42. 61cfdf4 CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x) by Willy Tarreau · Sat Feb 20 10:46:51 2021 +0100
  43. bb470aa MINOR: ssl: Remove client_crt member of the server's ssl context by Remi Tricot-Le Breton · Mon Jan 25 17:19:45 2021 +0100
  44. d817dc7 MEDIUM: ssl: Load client certificates in a ckch for backend servers by Remi Tricot-Le Breton · Mon Jan 25 17:19:43 2021 +0100
  45. e5ff141 CLEANUP: Compare the return value of `XXXcmp()` functions with zero by Tim Duesterhus · Sat Jan 02 22:31:53 2021 +0100
  46. e50afbd MINOR: cfgparse: Do not modify the QUIC xprt when parsing "ssl". by Frédéric Lécaille · Mon Nov 23 11:33:12 2020 +0100
  47. f34ed0b BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES by Ilya Shipitsin · Sat Nov 21 14:37:34 2020 +0500
  48. bdec3ba BUILD: ssl: use SSL_MODE_ASYNC macro instead of OPENSSL_VERSION by Ilya Shipitsin · Sat Nov 14 01:56:34 2020 +0500
  49. f637044 MEDIUM: cli/ssl: configure ssl on server at runtime by William Dauchy · Sat Nov 14 19:25:33 2020 +0100
  50. fc52f52 MINOR: ssl: create common ssl_ctx init by William Dauchy · Sat Nov 14 19:25:32 2020 +0100
  51. 0aa8c29 BUILD: ssl: use feature macros for detecting ec curves manipulation support by Ilya Shipitsin · Wed Nov 04 00:39:07 2020 +0500
  52. 04a5a44 BUILD: ssl: use HAVE_OPENSSL_KEYLOG instead of OpenSSL versions by Ilya Shipitsin · Tue Nov 03 14:15:38 2020 +0500
  53. 8e8581e MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension by William Lallemand · Tue Oct 20 17:36:46 2020 +0200
  54. 9a1d839 BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2 by William Lallemand · Mon Aug 10 17:28:23 2020 +0200
  55. 7d42ef5 WIP/MINOR: ssl: add sample fetches for keylog in frontend by William Lallemand · Mon Jul 06 11:41:30 2020 +0200
  56. 6be7849 REORG: include: move cfgparse.h to haproxy/cfgparse.h by Willy Tarreau · Fri Jun 05 00:00:29 2020 +0200
  57. 209108d REORG: include: move ssl_sock.h to haproxy/ssl_sock{,-t}.h by Willy Tarreau · Thu Jun 04 20:30:20 2020 +0200
  58. 213e990 REORG: include: move listener.h to haproxy/listener{,-t}.h by Willy Tarreau · Thu Jun 04 14:58:24 2020 +0200
  59. 6019fab REORG: include: move openssl-compat.h from common/ to haproxy/ by Willy Tarreau · Wed May 27 16:26:00 2020 +0200
  60. 8d36697 REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ by Willy Tarreau · Wed May 27 16:10:29 2020 +0200
  61. 4c7e4b7 REORG: include: update all files to use haproxy/api.h or api-t.h if needed by Willy Tarreau · Wed May 27 12:58:42 2020 +0200
  62. 8177ad9 MINOR: ssl: split config and runtime variable for ssl-{min,max}-ver by William Lallemand · Wed May 20 16:49:02 2020 +0200
  63. 5520d6f BUILD: ssl: fix build without OPENSSL_NO_ENGINE by William Lallemand · Mon May 18 13:42:49 2020 +0200
  64. dad3105 REORG: ssl: move ssl configuration to cfgparse-ssl.c by William Lallemand · Thu May 14 17:47:32 2020 +0200