Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / refs/heads/next-2.8 / src / ssl_sock.c
  1. f45355e BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path by Valentine Krasnobaeva · 4 months ago
  2. 3f54384 MEDIUM: ssl: initialize the SSL stack explicitely by William Lallemand · 9 months ago
  3. 5c7595a BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration by William Lallemand · 6 months ago
  4. 8bd45d9 BUG/MINOR: ssl/ocsp: init callback func ptr as NULL by Valentine Krasnobaeva · 6 months ago
  5. fa15af6 CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp by Valentine Krasnobaeva · 6 months ago
  6. 8b8d18f BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities by Remi Tricot-Le Breton · 8 months ago
  7. 60289bf BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI by William Lallemand · 9 months ago
  8. ad488ae BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list" by Remi Tricot-Le Breton · 10 months ago
  9. f5a90c4 BUG/MEDIUM: ocsp: Separate refcount per instance and per store by Remi Tricot-Le Breton · 10 months ago
  10. 5e7e42d BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call by Remi Tricot-Le Breton · 10 months ago
  11. a0b31bd BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions by Olivier Houchard · 10 months ago
  12. 5e28c3a BUG/MINOR: quic: Missing call to TLS message callbacks by Frédéric Lécaille · 11 months ago
  13. 57359b9 BUG/MINOR: ssl: Double free of OCSP Certificate ID by Frédéric Lécaille · 12 months ago
  14. 40ff02b BUG/MEDIUM: ssl: segfault when cipher is NULL by William Lallemand · 1 year, 1 month ago
  15. 3f1e6f0 BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA by William Lallemand · 1 year, 1 month ago
  16. ca1cedf BUG/MINOR: ssl: use a thread-safe sslconns increment by Amaury Denoyelle · 1 year, 1 month ago
  17. 36e1e8c MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog() by Frédéric Lécaille · 1 year, 6 months ago
  18. 23937b7 MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper by Frédéric Lécaille · 1 year, 6 months ago
  19. 94d7f8a BUG/MINOR: ssl_sock: fix possible memory leak on OOM by Willy Tarreau · 1 year, 3 months ago
  20. 5feb35d BUG/MINOR: ssl: OCSP callback only registered for first SSL_CTX by Remi Tricot-Le Breton · 1 year, 4 months ago
  21. 15c3d20 BUG/MINOR: ssl_sock: add check for ha_meth by eaglegai · 1 year, 6 months ago
  22. 930afdf BUILD: ssl: buggy -Werror=dangling-pointer since gcc 13.0 by William Lallemand · 1 year, 7 months ago
  23. b6ae2aa MINOR: ssl: allow to change the signature algorithm for client authentication by William Lallemand · 1 year, 7 months ago
  24. 1d3c822 MINOR: ssl: allow to change the server signature algorithm by William Lallemand · 1 year, 7 months ago
  25. 64a77e3 MINOR: ssl: disable CRL checks with WolfSSL when no CRL file by William Lallemand · 1 year, 7 months ago
  26. a2a0955 MINOR: ssl: do not set ALPN callback with the empty string by Willy Tarreau · 1 year, 7 months ago
  27. a21ca74 MINOR: ssl: remove OpenSSL 1.0.2 mention into certificate loading error by William Lallemand · 1 year, 7 months ago
  28. 2ca0158 CLEANUP: use "offsetof" where appropriate by Ilya Shipitsin · 1 year, 8 months ago
  29. 6d4c0c2 CLEANUP: ocsp: do no use strpcy() to copy a path! by Willy Tarreau · 1 year, 8 months ago
  30. 07be66d CLEANUP: assorted typo fixes in the code and comments by Ilya Shipitsin · 1 year, 8 months ago
  31. b39c24b BUG/MINOR: ssl: Stop leaking `err` in ssl_sock_load_ocsp() by Tim Duesterhus · 1 year, 8 months ago
  32. ac78c4f MINOR: ssl-sock: pass the CO_SFL_MSG_MORE info down the stack by Willy Tarreau · 1 year, 9 months ago
  33. 3a7b539 BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list by Christopher Faulet · 1 year, 9 months ago
  34. f19c639 DEBUG: ssl-sock/show_fd: Display SSL error code by Christopher Faulet · 1 year, 9 months ago
  35. a6c0a59 MINOR: ssl: Use ocsp update task for "update ssl ocsp-response" command by Remi Tricot-Le Breton · 1 year, 9 months ago
  36. 86d1e0b BUG/MINOR: ssl: Fix ocsp-update when using "add ssl crt-list" by Remi Tricot-Le Breton · 1 year, 9 months ago
  37. 5843237 MINOR: ssl: Add global options to modify ocsp update min/max delay by Remi Tricot-Le Breton · 1 year, 9 months ago
  38. 0c96ee4 MINOR: ssl: Add certificate's path to certificate_ocsp structure by Remi Tricot-Le Breton · 1 year, 9 months ago
  39. af25a69 MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks by Frédéric Lécaille · 1 year, 10 months ago
  40. 222e5a2 BUG/MEDIUM: ssl: wrong eviction from the session cache tree by William Lallemand · 1 year, 10 months ago
  41. 6e1bbc4 REORG: channel: Rename CF_READ_NULL to CF_READ_EVENT by Christopher Faulet · 2 years ago
  42. 648c83e MINOR: ssl: Limit ocsp_uri buffer size to minimum by Remi Tricot-Le Breton · 1 year, 11 months ago
  43. 2d1daa8 BUG/MINOR: ssl: Fix OCSP_CERTID leak when same certificate is used multiple times by Remi Tricot-Le Breton · 1 year, 11 months ago
  44. 112b16a MINOR: ssl: Only set ocsp->issuer if issuer not in cert chain by Remi Tricot-Le Breton · 1 year, 11 months ago
  45. c8d814e MINOR: ssl: Move OCSP code to a dedicated source file by Remi Tricot-Le Breton · 2 years ago
  46. aff8277 MEDIUM: ssl: Start update task if at least one ocsp-update option is set to on by Remi Tricot-Le Breton · 2 years ago
  47. 6477bbd MEDIUM: ssl: Add ocsp update task main function by Remi Tricot-Le Breton · 2 years ago
  48. b55be8c MEDIUM: ssl: Insert ocsp responses in update tree when needed by Remi Tricot-Le Breton · 2 years ago
  49. bdd3c79 MINOR: ssl: Add ocsp_update_tree and helper functions by Remi Tricot-Le Breton · 2 years ago
  50. cc34667 MEDIUM: ssl: Add ocsp_certid in ckch structure and discard ocsp buffer early by Remi Tricot-Le Breton · 2 years ago
  51. eeaa29b MINOR: ssl: Add "update ssl ocsp-response" cli command by Remi Tricot-Le Breton · 2 years ago
  52. c0b4058 MINOR: ssl: Add helper function that checks the validity of an OCSP response by Remi Tricot-Le Breton · 2 years ago
  53. e09d2ae MINOR: ssl: Add OCSP request helper function by Remi Tricot-Le Breton · 2 years ago
  54. 47a4f12 MINOR: ssl: Add helper function that extracts an OCSP URI from a certificate by Remi Tricot-Le Breton · 2 years ago
  55. 2b96364 MINOR: ssl: Add a lock to the OCSP response tree by Remi Tricot-Le Breton · 2 years ago
  56. 4cf0d3f BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain by Remi Tricot-Le Breton · 2 years ago
  57. e3d5f9a MINOR: ssl: Remove unnecessary alloc'ed trash chunk in show ocsp-response by Remi Tricot-Le Breton · 2 years ago
  58. 9334843 MINOR: ssl: Remove unneeded buffer allocation in show ocsp-response by Remi Tricot-Le Breton · 2 years ago
  59. 04007cb CLEANUP: ssl: remove check on srv->proxy by William Lallemand · 2 years ago
  60. 0adafb3 BUG/MINOR: startup: don't use internal proxies to compute the maxconn by William Lallemand · 2 years ago
  61. 52ddd99 MEDIUM: ssl: rename the struct "cert_key_and_chain" to "ckch_data" by William Lallemand · 2 years ago
  62. 3cbf09e MEDIUM: ssl: add minimal WolfSSL support with OpenSSL compatibility mode by Uriah Pollock · 2 years ago
  63. 881cce9 BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk() by Christopher Faulet · 2 years ago
  64. b60a77b BUG/MINOR: ssl: don't initialize the keylog callback when not required by William Lallemand · 2 years ago
  65. 45fed2c MINOR: ssl: ssl_sock_load_cert_chain() display error strings by William Lallemand · 2 years ago
  66. a551f4f BUILD: ssl: use __fallthrough in cli_io_handler_tlskeys_files() by Willy Tarreau · 2 years ago
  67. 4639689 BUG/MINOR: ssl: bind_conf is uncorrectly accessed when using QUIC by William Lallemand · 2 years, 1 month ago
  68. 9b25982 BUG/MEDIUM: ssl: Verify error codes can exceed 63 by Remi Tricot-Le Breton · 2 years, 1 month ago
  69. aa529f7 BUG/MINOR: ssl: ocsp structure not freed properly in case of error by Remi Tricot-Le Breton · 2 years, 1 month ago
  70. 1621dc1 BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer by Remi Tricot-Le Breton · 2 years, 1 month ago
  71. a2c21db BUG/MINOR: ssl: Memory leak of DH BIGNUM fields by Remi Tricot-Le Breton · 2 years, 1 month ago
  72. 5de4951 MINOR: ssl: dump the SSL string error when SSL_CTX_use_PrivateKey() failed. by William Lallemand · 2 years, 1 month ago
  73. ba303de BUILD: ssl_sock: fix null dereference for QUIC build by Amaury Denoyelle · 2 years, 1 month ago
  74. 48e46f9 BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk() by Frédéric Lécaille · 2 years, 1 month ago
  75. 92fa63f CLEANUP: quic: create a dedicated quic_conn module by Amaury Denoyelle · 2 years, 2 months ago
  76. 8522348 BUG/MAJOR: conn-idle: fix hash indexing issues on idle conns by Willy Tarreau · 2 years, 2 months ago
  77. a94bedc CLEANUP: quic,ssl: fix tiny typos in C comments by cui fliter · 2 years, 3 months ago
  78. 70a6e63 MINOR: quic: add QUIC support when no client_hello_cb by William Lallemand · 2 years, 3 months ago
  79. 4b7938d BUILD: ssl: fix the ifdef mess in ssl_sock_initial_ctx by William Lallemand · 2 years, 3 months ago
  80. 844009d BUILD: ssl: fix ssl_sock_switchtx_cbk when no client_hello_cb by William Lallemand · 2 years, 3 months ago
  81. 2be0ac5 BUG/MINOR: quic: Possible crash when verifying certificates by Frédéric Lécaille · 2 years, 3 months ago
  82. 6aec1f3 BUG/MINOR: quic: Possible crash with "tls-ticket-keys" on QUIC bind lines by Frédéric Lécaille · 2 years, 3 months ago
  83. 52f2ff5 BUG/MEDIUM: fix DH length when EC key is used by Ilya Shipitsin · 2 years, 4 months ago
  84. 27a3245 MEDIUM: fd: make fd_insert() take local thread masks by Willy Tarreau · 2 years, 5 months ago
  85. 9464bb1 MEDIUM: fd: add the tgid to the fd and pass it to fd_insert() by Willy Tarreau · 2 years, 5 months ago
  86. 7d392a5 BUG/MEDIUM: ssl/fd: unexpected fd close using async engine by Emeric Brun · 2 years, 5 months ago
  87. b8dec4a CLEANUP: pool/tree-wide: remove suffix "_pool" from certain pool names by Willy Tarreau · 2 years, 5 months ago
  88. 301425b MEDIUM: quic: Compatible version negotiation implementation (draft-08) by Frédéric Lécaille · 2 years, 6 months ago
  89. 748ece6 MINOR: quic: QUIC transport parameters split. by Frédéric Lécaille · 2 years, 6 months ago
  90. b52d4d2 CLEANUP: sslsock: remove only occurrence of local variable "cs" by Willy Tarreau · 2 years, 6 months ago
  91. cb086c6 REORG: stconn: rename conn_stream.{c,h} to stconn.{c,h} by Willy Tarreau · 2 years, 6 months ago
  92. 5edca2f REORG: rename cs_utils.h to sc_strm.h by Willy Tarreau · 2 years, 6 months ago
  93. d0a06d5 CLEANUP: applet: use applet_put*() everywhere possible by Willy Tarreau · 2 years, 6 months ago
  94. 7cb9e6c CLEANUP: stream: rename "csf" and "csb" to "scf" and "scb" by Willy Tarreau · 2 years, 6 months ago
  95. 4596fe2 CLEANUP: conn_stream: tree-wide rename to stconn (stream connector) by Willy Tarreau · 2 years, 6 months ago
  96. b605c42 CLEANUP: conn_stream: rename the stream endpoint flags CS_EP_* to SE_FL_* by Willy Tarreau · 2 years, 6 months ago
  97. 0cfcc40 CLEANUP: conn_stream: apply cs_endp_flags.cocci tree-wide by Willy Tarreau · 2 years, 6 months ago
  98. 1ea6e6a CLEANUP: listener: replace bind_conf->generate_cers with BC_O_GENERATE_CERTS by Willy Tarreau · 2 years, 6 months ago
  99. 11ba404 CLEANUP: listener: replace all uses of bind_conf->is_ssl with BC_O_USE_SSL by Willy Tarreau · 2 years, 6 months ago
  100. 1746a38 MINOR: ssl: Add 'ssl-provider' global option by Remi Tricot-Le Breton · 2 years, 7 months ago