Gitiles
Code Review
Sign In
git01.mediatek.com
/
haproxy
/
f3241115e7195925a30e41e363536b24111c0cc8
/
src
/
ssl_sock.c
526894f
BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
by Dirkjan Bussink
· 6 years ago
f24502b
BUG/MEDIUM: connections: Add the CO_FL_CONNECTED flag if a send succeeded.
by Olivier Houchard
· 6 years ago
9e75477
MINOR: ssl: add support of aes256 bits ticket keys on file and cli.
by Emeric Brun
· 6 years ago
09852f7
BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
by Emeric Brun
· 6 years ago
51088ce
BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
by Olivier Houchard
· 6 years ago
9215014
MEDIUM: checks: Add check-alpn.
by Olivier Houchard
· 6 years ago
ab28a32
MINOR: ssl: Add ssl_sock_set_alpn().
by Olivier Houchard
· 6 years ago
6818595
BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs
by Rosen Penev
· 6 years ago
e0f24ee
MINOR: connection: realign empty buffers in muxes, not transport layers
by Willy Tarreau
· 6 years ago
e064a80
BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn
by Jérôme Magnin
· 6 years ago
6be139f
BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
by Baptiste Assmann
· 6 years ago
7706b85
MINOR: ssl: free ctx when libssl doesn't support NPN
by Lukas Tribus
· 6 years ago
8071338
MINOR: initcall: apply initcall to all register_build_opts() calls
by Willy Tarreau
· 6 years ago
86abe44
MEDIUM: init: use self-initializing spinlocks and rwlocks
by Willy Tarreau
· 6 years ago
0108d90
MEDIUM: init: convert all trivial registration calls to initcalls
by Willy Tarreau
· 6 years ago
da95fd9
BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl
by Lukas Tribus
· 6 years ago
6b77f49
MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches.
by Olivier Houchard
· 6 years ago
c756600
MINOR: server: Add "alpn" and "npn" keywords.
by Olivier Houchard
· 6 years ago
017b3da
CLEANUP: fix typos in the ssl_sock subsystem
by Joseph Herlant
· 6 years ago
db39843
MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}()
by Willy Tarreau
· 6 years ago
0cd3bd6
MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put}
by Willy Tarreau
· 6 years ago
4c8aa11
BUG/MINOR: ssl: Wrong usage of shctx_init().
by Frédéric Lécaille
· 6 years ago
b7838af
MINOR: shctx: Add a maximum object size parameter.
by Frédéric Lécaille
· 6 years ago
0bec807
MINOR: shctx: Shared objects block by block allocation.
by Frédéric Lécaille
· 6 years ago
a882552
BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk()
by Willy Tarreau
· 6 years ago
b729077
BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch
by Willy Tarreau
· 6 years ago
83a0cd8
MINOR: connections: Introduce an unsubscribe method.
by Olivier Houchard
· 6 years ago
7ad43e7
BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
by Emeric Brun
· 6 years ago
415150f
MEDIUM: ssl: add support for ciphersuites option for TLSv1.3
by Dirkjan Bussink
· 6 years ago
747ca61
MINOR: ssl: generate-certificates for BoringSSL
by Emmanuel Hocdet
· 6 years ago
a9b8402
MINOR: ssl: cleanup old openssl API call
by Emmanuel Hocdet
· 6 years ago
61c112a
REORG: http: move HTTP rules parsing to http_rules.c
by Willy Tarreau
· 6 years ago
07d94e4
BUILD: ssl_sock: remove build warnings on potential null-derefs
by Willy Tarreau
· 6 years ago
9f9b0c6
BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
by Emmanuel Hocdet
· 6 years ago
1c913e4
BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length
by Willy Tarreau
· 6 years ago
a25282b
DOC: ssl: Use consistent naming for TLS protocols
by Bertrand Jacquin
· 6 years ago
e1b4ed4
BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
by Emeric Brun
· 6 years ago
eb155b6
BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
by Emeric Brun
· 6 years ago
77e8919
BUG/MINOR: ssl: empty connections reported as errors.
by Emeric Brun
· 6 years ago
6ff2039
MINOR: connections/mux: Add a new "subscribe" method.
by Olivier Houchard
· 6 years ago
83061a8
MAJOR: chunks: replace struct chunk with struct buffer
by Willy Tarreau
· 6 years ago
843b7cb
MEDIUM: chunks: make the chunk struct's fields match the buffer struct
by Willy Tarreau
· 6 years ago
acd1403
MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o.
by Olivier Houchard
· 6 years ago
591d445
MINOR: buffer: use b_orig() to replace most references to b->data
by Willy Tarreau
· 6 years ago
0c7ed5d
MINOR: buffer: replace buffer_empty() with b_empty() or c_empty()
by Willy Tarreau
· 6 years ago
7f3225f
MINOR: connection: add a flags argument to rcv_buf()
by Willy Tarreau
· 6 years ago
bfc4d77
MEDIUM: connection: make xprt->rcv_buf() use size_t for the count
by Willy Tarreau
· 6 years ago
787db9a
MEDIUM: connection: make xprt->snd_buf() take the byte count in argument
by Willy Tarreau
· 6 years ago
0e11d59
MINOR: buffer: remove bo_contig_data()
by Willy Tarreau
· 6 years ago
8f9c72d
MINOR: buffer: remove bi_end()
by Willy Tarreau
· 6 years ago
89faf5d
MINOR: buffer: remove bo_ptr()
by Willy Tarreau
· 6 years ago
17b4aa1
BUG/MINOR: ssl: properly ref-count the tls_keys entries
by Willy Tarreau
· 6 years ago
3448c49
BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data
by Emmanuel Hocdet
· 6 years ago
28962c9
BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
by Thierry FOURNIER
· 6 years ago
16ff050
BUG/MAJOR: ssl: Random crash with cipherlist capture
by Thierry FOURNIER
· 6 years ago
926594f
MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA
by Lukas Tribus
· 7 years ago
03f4ec4
BUG/MEDIUM: ssl: properly protect SSL cert generation
by Willy Tarreau
· 7 years ago
e027547
MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key'
by Patrick Hemmer
· 7 years ago
4196677
MINOR: ssl: disable SSL sample fetches when unsupported
by Patrick Hemmer
· 7 years ago
1e0867c
MINOR: ssl: Add payload support to "set ssl ocsp-response"
by Aurélien Nephtali
· 7 years ago
abbf607
MEDIUM: cli: Add payload support
by Aurélien Nephtali
· 7 years ago
9a4da68
MINOR: cli: Ensure the CLI always outputs an error when it should
by Aurélien Nephtali
· 7 years ago
13c53f8
BUILD: ssl: Fix build with OpenSSL without NPN capability
by Bernard Spil
· 7 years ago
6e8a41d
BUG/MINOR: cli: Ensure all command outputs end with a LF
by Aurélien Nephtali
· 7 years ago
76de95a
CLEANUP: ssl: Remove a duplicated #include
by Aurélien Nephtali
· 7 years ago
253c3b7
MINOR: connection: add proxy-v2-options authority
by Emmanuel Hocdet
· 7 years ago
283e004
MINOR: ssl: add ssl_sock_get_cert_sig function
by Emmanuel Hocdet
· 7 years ago
96b7834
MINOR: ssl: add ssl_sock_get_pkey_algo function
by Emmanuel Hocdet
· 7 years ago
ddc090b
MINOR: ssl: extract full pkey info in load_certificate
by Emmanuel Hocdet
· 7 years ago
74f7ffa
MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword.
by Emeric Brun
· 7 years ago
eb8def9
BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
by Emeric Brun
· 7 years ago
4ac77a9
BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
by Christopher Faulet
· 7 years ago
16f45c8
BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
by Christopher Faulet
· 7 years ago
7e2e505
BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
by Olivier Houchard
· 7 years ago
25ae45a
MINOR: early data: Never remove the CO_FL_EARLY_DATA flag.
by Olivier Houchard
· 7 years ago
6fa63d9
MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams.
by Olivier Houchard
· 7 years ago
a9786b6
MINOR: fd: pass the iocb and owner to fd_insert()
by Willy Tarreau
· 7 years ago
99b90af
BUG/MEDIUM: ssl: cache doesn't release shctx blocks
by William Lallemand
· 7 years ago
5d4cafb
BUILD: ssl: silence a warning when building without NPN nor ALPN support
by Willy Tarreau
· 7 years ago
ece0c33
BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
by Emeric Brun
· 7 years ago
c61c0b3
BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
by William Lallemand
· 7 years ago
cebd796
BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
by Emmanuel Hocdet
· 7 years ago
c3cd35f
BUG/MEDIUM: ssl: don't allocate shctx several time
by William Lallemand
· 7 years ago
bafbe01
CLEANUP: pools: rename all pool functions and pointers to remove this "2"
by Willy Tarreau
· 7 years ago
767a84b
CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
by Christopher Faulet
· 7 years ago
ca6a957
MINOR: ssl: Handle early data with BoringSSL
by Emmanuel Hocdet
· 7 years ago
90084a1
MINOR: ssl: Handle reading early data after writing better.
by Olivier Houchard
· 7 years ago
ff3a41e
BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
by Christopher Faulet
· 7 years ago
424ecfb
MINOR: ssl: Don't disable early data handling if we could not write.
by Olivier Houchard
· 7 years ago
777e4b9
BUG/MINOR: ssl: Always start the handshake if we can't send early data.
by Olivier Houchard
· 7 years ago
e9bed53
MINOR: ssl: Make sure we don't shutw the connection before the handshake.
by Olivier Houchard
· 7 years ago
e6060c5
MINOR: SSL: Store the ASN1 representation of client sessions.
by Olivier Houchard
· 7 years ago
9dcf9b6
MINOR: threads: Use __decl_hathreads to declare locks
by Christopher Faulet
· 7 years ago
522eea7
MINOR: ssl: Handle sending early data to server.
by Olivier Houchard
· 7 years ago
cfdef2e
MINOR: ssl: Spell 0x10101000L correctly.
by Olivier Houchard
· 7 years ago
bd84ac8
MINOR: ssl: Handle session resumption with TLS 1.3
by Olivier Houchard
· 7 years ago
35a63cc
BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
by Olivier Houchard
· 7 years ago
2a944ee
BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix
by Christopher Faulet
· 7 years ago
79a481d
MINOR: ssl: Remove the global allow-0rtt option.
by Olivier Houchard
· 7 years ago
821bb9b
MAJOR: threads/ssl: Make SSL part thread-safe
by Emeric Brun
· 7 years ago
Next »