Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / f75cc5468a6d4febf2b2263e3e193eeb179a5867 / src / ssl_ckch.c
  1. 78c7a06 MINOR: ssl: reintroduce ERR_GET_LIB(ret) == ERR_LIB_PEM in ssl_sock_load_pem_into_ckch() by William Lallemand · Tue Nov 15 17:12:03 2022 +0100
  2. 6fcc86b BUILD: ssl: use __fallthrough in cli_io_handler_commit_{cert,cafile_crlfile}() by Willy Tarreau · Mon Nov 14 07:05:31 2022 +0100
  3. 1ef1b85 CLEANUP: ssl: remove dead code in ssl_sock_load_pem_into_ckch() by William Lallemand · Sun Oct 30 19:00:06 2022 +0100
  4. 432cd1a MEDIUM: ssl: be stricter about chain error by William Lallemand · Tue Oct 25 15:55:13 2022 +0200
  5. a538452 MINOR: ssl: add the SSL error string before the chain by William Lallemand · Tue Oct 25 15:53:01 2022 +0200
  6. f784b90 MINOR: ssl: add the SSL error string when failing to load a certificate by William Lallemand · Tue Oct 25 12:31:39 2022 +0200
  7. e0fa91f BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2 by William Lallemand · Wed Aug 31 14:26:49 2022 +0200
  8. 0bfa3e7 BUG/MINOR: ssl: revert two wrong fixes with ckhi_link by William Lallemand · Tue Aug 30 17:32:38 2022 +0200
  9. ddd480c BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released by Christopher Faulet · Tue Aug 30 16:27:49 2022 +0200
  10. 056ad01 BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() by William Lallemand · Mon Aug 29 18:53:34 2022 +0200
  11. 946580e BUG/MINOR: ssl: fix deinit of the ca-file tree by William Lallemand · Mon Aug 29 18:36:18 2022 +0200
  12. 62c0b99 MINOR: ssl/cli: implement "add ssl ca-file" by William Lallemand · Fri Jul 29 17:50:58 2022 +0200
  13. d4774d3 MINOR: ssl: handle ca-file appending in cafile_entry by William Lallemand · Fri Jul 29 17:08:02 2022 +0200
  14. ec7eb59 BUG/MINOR: ssl/cli: error when the ca-file is empty by William Lallemand · Thu Aug 18 15:53:02 2022 +0200
  15. 0f17ab2 MINOR: ssl: enhance ca-file error emitting by William Lallemand · Tue Jul 19 18:03:16 2022 +0200
  16. 4348232 BUG/MINOR: ssl: allow duplicate certificates in ca-file directories by William Lallemand · Mon Jul 18 18:42:52 2022 +0200
  17. 1bad7db BUG/MINOR: ssl: Do not look for key in extra files if already in pem by Remi Tricot-Le Breton · Tue Jun 07 16:29:44 2022 +0200
  18. d543ae0 BUILD: ssl_ckch: fix "maybe-uninitialized" build error on gcc-9.4 + ARM by Willy Tarreau · Wed Jun 22 05:40:25 2022 +0200
  19. 1f90f33 BUG/MINOR: ssl_ckch: Fix another possible uninitialized value by Christopher Faulet · Fri Jun 03 16:34:30 2022 +0200
  20. ea2c8c6 BUILD: ssl_ckch: Fix build error about a possible uninitialized value by Christopher Faulet · Fri Jun 03 16:37:31 2022 +0200
  21. 88041b3 BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler by Christopher Faulet · Fri Jun 03 16:26:56 2022 +0200
  22. 677cb4f BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler by Christopher Faulet · Fri Jun 03 16:25:35 2022 +0200
  23. d1d2e4d BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler by Christopher Faulet · Fri Jun 03 16:24:02 2022 +0200
  24. d6c66f0 MINOR: ssl_ckch: Remove service context for "set ssl crl-file" command by Christopher Faulet · Fri Jun 03 11:59:10 2022 +0200
  25. 132c595 MINOR: ssl_ckch: Remove service context for "set ssl ca-file" command by Christopher Faulet · Fri Jun 03 11:56:26 2022 +0200
  26. 24a20b9 MINOR: ssl_ckch: Remove service context for "set ssl cert" command by Christopher Faulet · Fri Jun 03 11:50:40 2022 +0200
  27. 6af2fc6 MINOR: ssl_ckch: Simplify structure used to commit changes on CA/CRL entries by Christopher Faulet · Fri Jun 03 11:42:38 2022 +0200
  28. dd0c483 CLEANUP: ssl_ckch: Remove unused field in commit_cacrlfile_ctx structure by Christopher Faulet · Fri Jun 03 11:35:37 2022 +0200
  29. f814c4a BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd by Christopher Faulet · Fri Jun 03 11:32:05 2022 +0200
  30. 3e94f5d BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield by Christopher Faulet · Fri Jun 03 10:46:40 2022 +0200
  31. 5a2154b BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield by Christopher Faulet · Fri Jun 03 10:42:48 2022 +0200
  32. 9a99e54 BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield by Christopher Faulet · Fri Jun 03 10:32:18 2022 +0200
  33. 51095ee BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx by Christopher Faulet · Fri Jun 03 10:21:27 2022 +0200
  34. ddc8e1c MINOR: ssl_ckch: Simplify I/O handler to commit changes on CA/CRL entry by Christopher Faulet · Fri Jun 03 09:00:09 2022 +0200
  35. 14df913 CLEANUP: ssl_ckch: Use corresponding enum for commit_cacrlfile_ctx.cafile_type by Christopher Faulet · Fri Jun 03 09:17:09 2022 +0200
  36. e9c3bd1 BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases by Christopher Faulet · Tue May 31 17:51:06 2022 +0200
  37. 9d56e24 BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases by Christopher Faulet · Tue May 31 16:37:01 2022 +0200
  38. 1e00c7e BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry by Christopher Faulet · Tue May 31 18:10:19 2022 +0200
  39. e2ef4dd BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry by Christopher Faulet · Tue May 31 18:07:59 2022 +0200
  40. 1f08fa4 BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified by Christopher Faulet · Tue May 31 18:06:30 2022 +0200
  41. 926fefc BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified by Christopher Faulet · Tue May 31 18:04:25 2022 +0200
  42. 4329dcc BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails by Christopher Faulet · Tue May 31 18:03:26 2022 +0200
  43. 01a09e2 BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails by Christopher Faulet · Tue May 31 18:02:30 2022 +0200
  44. c12b321 CLEANUP: applet: rename appctx_cs() to appctx_sc() by Willy Tarreau · Fri May 27 11:08:15 2022 +0200
  45. 475e463 CLEANUP: cli: rename all occurrences of stconn "cs" to "sc" by Willy Tarreau · Fri May 27 10:26:46 2022 +0200
  46. cb086c6 REORG: stconn: rename conn_stream.{c,h} to stconn.{c,h} by Willy Tarreau · Fri May 27 09:47:12 2022 +0200
  47. 5edca2f REORG: rename cs_utils.h to sc_strm.h by Willy Tarreau · Fri May 27 09:25:10 2022 +0200
  48. 4164eb9 MINOR: stconn: start to rename cs_rx_endp_{more,done}() to se_have_{no_,}more_data() by Willy Tarreau · Wed May 25 15:42:03 2022 +0200
  49. 40a9c32 CLEANUP: stconn: rename cs_{i,o}{b,c} to sc_{i,o}{b,c} by Willy Tarreau · Wed May 18 15:55:18 2022 +0200
  50. d0a06d5 CLEANUP: applet: use applet_put*() everywhere possible by Willy Tarreau · Wed May 18 15:07:19 2022 +0200
  51. 4596fe2 CLEANUP: conn_stream: tree-wide rename to stconn (stream connector) by Willy Tarreau · Tue May 17 19:07:51 2022 +0200
  52. 9bf3a1f BUG/MINOR: ssl: Fix crash when no private key is found in pem by Remi Tricot-Le Breton · Mon May 09 11:07:13 2022 +0200
  53. 0698c80 CLEANUP: applet: remove the unneeded appctx->owner by Willy Tarreau · Wed May 11 14:09:57 2022 +0200
  54. 444d702 BUG/MINOR: ssl: Fix typos in crl-file related CLI commands by Remi Tricot-Le Breton · Thu May 05 17:18:40 2022 +0200
  55. e4b93eb MINOR: ssl: ignore dotfiles when loading a dir w/ ca-file by William Lallemand · Mon May 09 09:29:00 2022 +0200
  56. 1d6dd80 CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl ca/crl" by Willy Tarreau · Thu May 05 08:17:29 2022 +0200
  57. dec23dc CLEANUP: ssl/cli: use a local context for "commit ssl {ca|crl}file" by Willy Tarreau · Wed May 04 20:25:05 2022 +0200
  58. a06b9a5 CLEANUP: ssl/cli: use a local context for "set ssl crlfile" by Willy Tarreau · Wed May 04 20:33:03 2022 +0200
  59. a37693f CLEANUP: ssl/cli: use a local context for "set ssl cafile" by Willy Tarreau · Wed May 04 20:12:55 2022 +0200
  60. 329f4b4 CLEANUP: ssl/cli: use a local context for "set ssl cert" by Willy Tarreau · Wed May 04 20:05:55 2022 +0200
  61. cb1b4ed CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl cert" by Willy Tarreau · Thu May 05 08:15:27 2022 +0200
  62. a645b6a CLEANUP: ssl/cli: use a local context for "commit ssl cert" by Willy Tarreau · Wed May 04 19:58:00 2022 +0200
  63. 96c9a6c CLEANUP: ssl/cli: use a local context for "show ssl cert" by Willy Tarreau · Wed May 04 19:51:37 2022 +0200
  64. f3e8b3e CLEANUP: ssl/cli: use a local context for "show crlfile" by Willy Tarreau · Wed May 04 19:38:57 2022 +0200
  65. 50c2f1e CLEANUP: ssl/cli: use a local context for "show cafile" by Willy Tarreau · Wed May 04 19:26:59 2022 +0200
  66. 4fd9b4d BUG/MINOR: ssl/cli: fix "show ssl cert" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 16:11:50 2022 +0200
  67. 4cf3ef8 BUG/MINOR: ssl/cli: fix "show ssl crl-file" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 16:01:24 2022 +0200
  68. 0630579 BUG/MINOR: ssl/cli: fix "show ssl ca-file <name>" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 15:57:30 2022 +0200
  69. 821c3b0 BUG/MINOR: ssl/cli: fix "show ssl ca-file/crl-file" not to mix cli+ssl contexts by Willy Tarreau · Wed May 04 15:47:39 2022 +0200
  70. 03a32e5 BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail by William Lallemand · Tue Apr 26 18:17:15 2022 +0200
  71. 4cfbf3c BUG/MINOR: ssl: memory leak when trying to load a directory with ca-file by William Lallemand · Tue Apr 26 15:57:33 2022 +0200
  72. b0c4827 BUG/MINOR: ssl: free the cafile entries on deinit by William Lallemand · Tue Apr 26 15:44:53 2022 +0200
  73. 6b0a0fb CLEANUP: tree-wide: Remove any ref to stream-interfaces by Christopher Faulet · Mon Apr 04 11:29:28 2022 +0200
  74. a0bdec3 MEDIUM: stream-int/conn-stream: Move blocking flags from SI to CS by Christopher Faulet · Mon Apr 04 07:51:21 2022 +0200
  75. 908628c MEDIUM: tree-wide: Use CS util functions instead of SI ones by Christopher Faulet · Fri Mar 25 16:43:49 2022 +0100
  76. e8041fe BUG/MINOR: ssl/cli: Remove empty lines from CLI output by Remi Tricot-Le Breton · Tue Apr 05 16:44:21 2022 +0200
  77. 80296b4 BUG/MINOR: ssl: handle X509_get_default_cert_dir() returning NULL by William Lallemand · Tue Apr 05 10:19:30 2022 +0200
  78. c6b1763 MINOR: ssl: ca-file @system-ca loads the system trusted CA by William Lallemand · Fri Apr 01 23:39:37 2022 +0200
  79. 4f6ca32 BUG/MINOR: ssl: continue upon error when opening a directory w/ ca-file by William Lallemand · Fri Apr 01 23:36:05 2022 +0200
  80. 87fd994 MEDIUM: ssl: allow loading of a directory with the ca-file directive by William Lallemand · Fri Apr 01 20:12:03 2022 +0200
  81. 30fcca1 MINOR: ssl/lua: CertCache.set() allows to update an SSL certificate file by William Lallemand · Wed Mar 30 12:03:12 2022 +0200
  82. 26654e7 MINOR: ssl: add "crt" in the cert_exts array by William Lallemand · Wed Mar 30 12:01:32 2022 +0200
  83. e60c7d6 MINOR: ssl: export ckch_inst_rebuild() by William Lallemand · Wed Mar 30 11:26:15 2022 +0200
  84. ff8bf98 MINOR: ssl: simplify the certificate extensions array by William Lallemand · Tue Mar 29 10:44:23 2022 +0200
  85. aaacc7e MINOR: ssl: move the cert_exts and the CERT_TYPE enum by William Lallemand · Thu Mar 24 17:48:40 2022 +0100
  86. 3b5a3a6 MINOR: ssl: split the cert commit io handler by William Lallemand · Tue Mar 29 14:29:31 2022 +0200
  87. 86e1c33 MEDIUM: applet: Set the conn-stream as appctx owner instead of the stream-int by Christopher Faulet · Mon Dec 20 17:09:39 2021 +0100
  88. a9a591a BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print by Remi Tricot-Le Breton · Wed Feb 16 14:42:22 2022 +0100
  89. c76c3c4 MEDIUM: ssl: Replace all DH objects by EVP_PKEY on OpenSSLv3 (via HASSL_DH type) by Remi Tricot-Le Breton · Fri Feb 11 12:04:55 2022 +0100
  90. ce99033 BUG/MINOR: ssl: free correctly the sni in the backend SSL cache by William Lallemand · Tue Nov 23 15:15:09 2021 +0100
  91. e18d4e8 BUG/MEDIUM: ssl: backend TLS resumption with sni and TLSv1.3 by William Lallemand · Wed Nov 17 02:59:21 2021 +0100
  92. 025b93e CLEANUP: Apply ha_free.cocci by Tim Duesterhus · Thu Nov 04 21:03:52 2021 +0100
  93. 74f2456 BUILD: ssl_ckch: include ebpttree.h in ssl_ckch.c by Willy Tarreau · Wed Oct 06 17:54:12 2021 +0200
  94. b11ad9e MINOR: ssl: fix typo in usage for 'new ssl ca-file' by Amaury Denoyelle · Fri May 21 11:01:10 2021 +0200
  95. 3faf0cb BUILD: ssl: Fix compilation with BoringSSL by Remi Tricot-Le Breton · Thu Jun 10 18:10:32 2021 +0200
  96. 6056e61 MINOR: ssl: Add the "show ssl cert foo.pem.ocsp" CLI command by Remi Tricot-Le Breton · Thu Jun 10 13:51:15 2021 +0200
  97. da968f6 MINOR: ssl: Add the OCSP entry key when displaying the details of a certificate by Remi Tricot-Le Breton · Thu Jun 10 13:51:14 2021 +0200
  98. a6b2784 CLEANUP: ssl: Fix coverity issues found in CA file hot update code by Remi Tricot-Le Breton · Tue May 18 10:06:00 2021 +0200
  99. 18c7d83 BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 by Remi Tricot-Le Breton · Mon May 17 18:38:34 2021 +0200
  100. d75b99e BUILD/MINOR: ssl: Fix compilation with SSL enabled by Remi Tricot-Le Breton · Mon May 17 11:45:55 2021 +0200