Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | do not try to send empty packs using TLS. This this has a special meaning ↵ | Nokis Mavrogiannopoulos | 2009-06-13 |
| | | | | and could result in clients closing connections. | ||
* | if private key import fails try as pkcs8 key. | Nokis Mavrogiannopoulos | 2009-05-21 |
| | |||
* | removed limit on ca certificates' number | Nokis Mavrogiannopoulos | 2009-01-24 |
| | |||
* | Added patch to fix issue with mod_proxy. Investigation and patch by Alain Knaff. | Nokis Mavrogiannopoulos | 2009-01-04 |
| | | | | | | | | | | | | | It seems that the reason for this behavior is that the mgs_hook_pre_connection is being called both for incoming and outgoing (mod_proxy) connections. The attached patch (mod_proxy.patch) tries to find out in which case we are, and returns OK without doing anything if it is an outgoing connection. The method of telling both cases apart (namely, checking whether remote address' hostname is set) may seem somewhat hackish, but it does work, even if HostnameLookups is set to On. If ever there is a problem with this method, we might need to check local port instead (whether it is 443), but that would break if a non-standard https port was used. | ||
* | APLOG_EMERG was replaced with APLOG_STARTUP for startup messages. | Nokis Mavrogiannopoulos | 2008-11-02 |
| | |||
* | increased max handshake tries | Nokis Mavrogiannopoulos | 2008-10-16 |
| | |||
* | Allow openpgp-only sites | Nokis Mavrogiannopoulos | 2008-10-01 |
| | |||
* | better logging | Nokis Mavrogiannopoulos | 2008-10-01 |
| | |||
* | updated README file to account for openpgp keys --patch by Jack Bates | Nokis Mavrogiannopoulos | 2008-10-01 |
| | |||
* | use memmove instead of memcpy because buffers might overlap. | Nokis Mavrogiannopoulos | 2008-09-14 |
| | |||
* | added check for invalid context | Nokis Mavrogiannopoulos | 2008-09-14 |
| | |||
* | depend on main libgnutls library (and gnutls 2.4.x) | Nokis Mavrogiannopoulos | 2008-06-29 |
| | |||
* | send database store failure as DEBUG | Nokis Mavrogiannopoulos | 2008-03-05 |
| | |||
* | corrected SRP enable flag, and corrected the DBM hook support. It now free ↵ | Nokis Mavrogiannopoulos | 2008-03-03 |
| | | | | data needed by some DBM providers. | ||
* | added option to disable srp (for distributions that disable it in gnutls) | Nokis Mavrogiannopoulos | 2008-02-20 |
| | |||
* | prepare for an alpha release | Nokis Mavrogiannopoulos | 2008-01-24 |
| | |||
* | (no commit message) | Nokis Mavrogiannopoulos | 2007-12-16 |
| | |||
* | more changes for openpgp support. Seems to be at a workable state. | Nokis Mavrogiannopoulos | 2007-12-16 |
| | |||
* | print error if preconfiguration fails | Nokis Mavrogiannopoulos | 2007-12-15 |
| | |||
* | Initial support for openpgp keys | Nokis Mavrogiannopoulos | 2007-12-15 |
| | |||
* | (no commit message) | Nokis Mavrogiannopoulos | 2007-12-10 |
| | |||
* | (no commit message) | Nokis Mavrogiannopoulos | 2007-12-10 |
| | |||
* | (no commit message) | Nokis Mavrogiannopoulos | 2007-12-09 |
| | |||
* | Do not allow resuming sessions on different servers. | Nokis Mavrogiannopoulos | 2007-12-09 |
| | |||
* | Corrected bug which did not allow the TLS session cache to be used. | Nokis Mavrogiannopoulos | 2007-12-09 |
| | |||
* | Added support for sending more than one certificate. | Nokis Mavrogiannopoulos | 2007-12-08 |
| | |||
* | added more error checks. | Nokis Mavrogiannopoulos | 2007-12-03 |
| | |||
* | better handling of RSAFile and DHFile | Nokis Mavrogiannopoulos | 2007-12-03 |
| | |||
* | report the missing GnuTLSPriorities for the gnutls enabled hosts only. | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | No more defaults for dhparams, rsaparams. Check for GnuTLSPriorities. | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | The compatibility mode can now be enabled only using the GnuTLSPriorities ↵ | Nokis Mavrogiannopoulos | 2007-12-02 |
| | | | | string. | ||
* | (no commit message) | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | added SSL_SERVER/CLIENT_S_TYPE | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | export the alternative names of the certificate | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | added SSL_SERVER_M_SERIAL environment variable | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | more fixes for subject alternative name. | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | some fixes in alternative name support | Nokis Mavrogiannopoulos | 2007-12-02 |
| | |||
* | Added support for subject alternative names. (untested) | Nokis Mavrogiannopoulos | 2007-12-01 |
| | |||
* | upgraded to 0.4.00.4.0 | Nokis Mavrogiannopoulos | 2007-11-28 |
| | |||
* | Put a limit on the number of times we try to handshake. | Paul Querna | 2005-09-25 |
| | |||
* | start the CA Certificate code. | Paul Querna | 2005-05-24 |
| | |||
* | - add lua to do client verification | Paul Querna | 2005-05-17 |
| | | | | | - only use gcrypt locking when required to | ||
* | Refactor finding the correct server record to fix resumed sessions.0.2.00.2.x | Paul Querna | 2005-04-25 |
| | |||
* | apr_table_setn doesn't copy the data. oops. | Paul Querna | 2005-04-24 |
| | |||
* | We already have a Certificate, use it directly. With SNI, GnuTLS doesn't ↵ | Paul Querna | 2005-04-24 |
| | | | | properly update it's internal state. ick. | ||
* | if there aren't any certs.. still set something. | Paul Querna | 2005-04-24 |
| | |||
* | add SSL_SERVER_S_DN and SSL_SERVER_I_DN | Paul Querna | 2005-04-24 |
| | |||
* | - move hooks to gnutls_hooks.c | Paul Querna | 2005-04-24 |
| | | | | | - use 'mgs_' as the prefix for all symbols, instead of mixed prefixes. | ||
* | move config functions to their own file. | Paul Querna | 2005-04-24 |
| | |||
* | - remove more debug logging. | Paul Querna | 2005-04-22 |
| | | | | | - fix a crash by changing the certificate structure *after* starting the handshake. |