aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAge
* set srp username to empty string. Solves ↵Gravatar Nikos Mavrogiannopoulos 2009-06-30
| | | | http://issues.outoforder.cc/view.php?id=92
* Try to avoid bug http://issues.outoforder.cc/view.php?id=102Gravatar Nikos Mavrogiannopoulos 2009-06-30
|
* Allow openpgp certificates that have infinite expiration time. Suggestion by ↵Gravatar Nikos Mavrogiannopoulos 2009-06-30
| | | | MattLoar at http://issues.outoforder.cc/view.php?id=96.
* Applied patch to allow building with Apache 2.4. Patch by Arfrever Frehtes ↵Gravatar Nikos Mavrogiannopoulos 2009-06-30
| | | | Taifersar Arahesis <arfrever.fta@gmail.com>.
* do not try to send empty packs using TLS. This this has a special meaning ↵Gravatar Nikos Mavrogiannopoulos 2009-06-13
| | | | and could result in clients closing connections.
* if private key import fails try as pkcs8 key.Gravatar Nikos Mavrogiannopoulos 2009-05-21
|
* removed limit on ca certificates' numberGravatar Nikos Mavrogiannopoulos 2009-01-24
|
* Added patch to fix issue with mod_proxy. Investigation and patch by Alain Knaff.Gravatar Nikos Mavrogiannopoulos 2009-01-04
| | | | | | | | | | | | | It seems that the reason for this behavior is that the mgs_hook_pre_connection is being called both for incoming and outgoing (mod_proxy) connections. The attached patch (mod_proxy.patch) tries to find out in which case we are, and returns OK without doing anything if it is an outgoing connection. The method of telling both cases apart (namely, checking whether remote address' hostname is set) may seem somewhat hackish, but it does work, even if HostnameLookups is set to On. If ever there is a problem with this method, we might need to check local port instead (whether it is 443), but that would break if a non-standard https port was used.
* APLOG_EMERG was replaced with APLOG_STARTUP for startup messages.Gravatar Nikos Mavrogiannopoulos 2008-11-02
|
* increased max handshake triesGravatar Nikos Mavrogiannopoulos 2008-10-16
|
* Allow openpgp-only sitesGravatar Nikos Mavrogiannopoulos 2008-10-01
|
* better loggingGravatar Nikos Mavrogiannopoulos 2008-10-01
|
* updated README file to account for openpgp keys --patch by Jack BatesGravatar Nikos Mavrogiannopoulos 2008-10-01
|
* use memmove instead of memcpy because buffers might overlap. Gravatar Nikos Mavrogiannopoulos 2008-09-14
|
* added check for invalid contextGravatar Nikos Mavrogiannopoulos 2008-09-14
|
* depend on main libgnutls library (and gnutls 2.4.x)Gravatar Nikos Mavrogiannopoulos 2008-06-29
|
* send database store failure as DEBUGGravatar Nikos Mavrogiannopoulos 2008-03-05
|
* corrected SRP enable flag, and corrected the DBM hook support. It now free ↵Gravatar Nikos Mavrogiannopoulos 2008-03-03
| | | | data needed by some DBM providers.
* added option to disable srp (for distributions that disable it in gnutls)Gravatar Nikos Mavrogiannopoulos 2008-02-20
|
* prepare for an alpha releaseGravatar Nikos Mavrogiannopoulos 2008-01-24
|
* (no commit message)Gravatar Nikos Mavrogiannopoulos 2007-12-16
|
* more changes for openpgp support. Seems to be at a workable state.Gravatar Nikos Mavrogiannopoulos 2007-12-16
|
* print error if preconfiguration failsGravatar Nikos Mavrogiannopoulos 2007-12-15
|
* Initial support for openpgp keysGravatar Nikos Mavrogiannopoulos 2007-12-15
|
* (no commit message)Gravatar Nikos Mavrogiannopoulos 2007-12-10
|
* (no commit message)Gravatar Nikos Mavrogiannopoulos 2007-12-10
|
* (no commit message)Gravatar Nikos Mavrogiannopoulos 2007-12-09
|
* Do not allow resuming sessions on different servers.Gravatar Nikos Mavrogiannopoulos 2007-12-09
|
* Corrected bug which did not allow the TLS session cache to be used.Gravatar Nikos Mavrogiannopoulos 2007-12-09
|
* Added support for sending more than one certificate.Gravatar Nikos Mavrogiannopoulos 2007-12-08
|
* added more error checks.Gravatar Nikos Mavrogiannopoulos 2007-12-03
|
* better handling of RSAFile and DHFileGravatar Nikos Mavrogiannopoulos 2007-12-03
|
* report the missing GnuTLSPriorities for the gnutls enabled hosts only.Gravatar Nikos Mavrogiannopoulos 2007-12-02
|
* No more defaults for dhparams, rsaparams. Check for GnuTLSPriorities.Gravatar Nikos Mavrogiannopoulos 2007-12-02
|
* The compatibility mode can now be enabled only using the GnuTLSPriorities ↵Gravatar Nikos Mavrogiannopoulos 2007-12-02
| | | | string.
* (no commit message)Gravatar Nikos Mavrogiannopoulos 2007-12-02
|
* added SSL_SERVER/CLIENT_S_TYPEGravatar Nikos Mavrogiannopoulos 2007-12-02
|
* export the alternative names of the certificateGravatar Nikos Mavrogiannopoulos 2007-12-02
|
* added SSL_SERVER_M_SERIAL environment variableGravatar Nikos Mavrogiannopoulos 2007-12-02
|
* more fixes for subject alternative name.Gravatar Nikos Mavrogiannopoulos 2007-12-02
|
* some fixes in alternative name supportGravatar Nikos Mavrogiannopoulos 2007-12-02
|
* Added support for subject alternative names. (untested)Gravatar Nikos Mavrogiannopoulos 2007-12-01
|
* upgraded to 0.4.0Gravatar Nikos Mavrogiannopoulos 2007-11-28
|
* Put a limit on the number of times we try to handshake.Gravatar Paul Querna 2005-09-25
|
* start the CA Certificate code.Gravatar Paul Querna 2005-05-24
|
* - add lua to do client verificationGravatar Paul Querna 2005-05-17
| | | | | - only use gcrypt locking when required to
* Refactor finding the correct server record to fix resumed sessions.0.2.00.2.xGravatar Paul Querna 2005-04-25
|
* apr_table_setn doesn't copy the data. oops.Gravatar Paul Querna 2005-04-24
|
* We already have a Certificate, use it directly. With SNI, GnuTLS doesn't ↵Gravatar Paul Querna 2005-04-24
| | | | properly update it's internal state. ick.
* if there aren't any certs.. still set something.Gravatar Paul Querna 2005-04-24
|