Mercurial > hg > nginx

log src/event/ngx_event_openssl.c @ 7694:09fb2135a589

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
less more | (0) -120 tip
age author description
Mon, 10 Aug 2020 18:52:09 +0300 Maxim Dounin SSL: fixed shutdown handling.
Mon, 29 Jun 2020 17:15:51 +0300 Maxim Dounin SSL: fixed unexpected certificate requests (ticket #2008).
Wed, 03 Jun 2020 19:11:32 +0300 Maxim Dounin SSL: added verify callback to ngx_ssl_trusted_certificate().
Fri, 22 May 2020 17:30:12 +0300 Roman Arutyunyan SSL: client certificate validation with OCSP (ticket #1534).
Fri, 27 Dec 2019 19:43:01 +0300 Maxim Dounin SSL: reworked posted next events again.
Tue, 24 Dec 2019 17:24:59 +0300 Maxim Dounin SSL: reworked posted next events.
Thu, 17 Oct 2019 16:02:24 +0300 Maxim Dounin SSL: available bytes handling (ticket #1431).
Thu, 17 Oct 2019 16:02:13 +0300 Maxim Dounin SSL: improved ngx_ssl_recv_chain() to stop if c->read->ready is 0.
Fri, 16 Aug 2019 18:16:21 +0300 Maxim Dounin SSL: lowered log level for WSAECONNABORTED errors on Windows.
Mon, 11 Apr 2016 15:46:36 +0300 Sergey Kandaurov SSL: removed OpenSSL 0.9.7 compatibility.
Tue, 26 Mar 2019 09:33:57 +0300 Nikolay Morozov SSL: missing free calls in $ssl_client_s_dn and $ssl_client_i_dn.
Sat, 09 Mar 2019 03:03:56 +0300 Maxim Dounin SSL: support for parsing PEM certificates from memory.
Sat, 09 Mar 2019 02:55:43 +0300 Maxim Dounin SSL: removed redundant "pkey" variable.
Sun, 03 Mar 2019 16:49:02 +0300 Maxim Dounin SSL: use of the SSL_OP_NO_CLIENT_RENEGOTIATION option.
Sun, 03 Mar 2019 16:48:06 +0300 Maxim Dounin SSL: server name callback changed to return fatal errors.
Mon, 25 Feb 2019 16:42:54 +0300 Maxim Dounin SSL: adjusted session id context with dynamic certificates.
Mon, 25 Feb 2019 16:42:23 +0300 Maxim Dounin SSL: passwords support for dynamic certificate loading.
Mon, 25 Feb 2019 16:41:44 +0300 Maxim Dounin SSL: loading of connection-specific certificates.
Mon, 25 Feb 2019 16:41:28 +0300 Maxim Dounin SSL: reworked ngx_ssl_certificate().
Mon, 25 Feb 2019 16:41:15 +0300 Maxim Dounin SSL: removed logging of empty "(SSL:)" in ngx_ssl_error().
Thu, 07 Feb 2019 19:39:35 +0300 Sergey Kandaurov SSL: fixed EVP_DigestFinal_ex() error message.
Thu, 31 Jan 2019 19:36:51 +0300 Maxim Dounin SSL: separate checks for errors in ngx_ssl_read_password_file().
Thu, 31 Jan 2019 19:28:07 +0300 Ruslan Ermilov SSL: explicitly zero out session ticket keys.
Tue, 18 Dec 2018 15:15:15 +0300 Sergey Kandaurov SSL: avoid reading on pending SSL_write_early_data().
Tue, 23 Oct 2018 22:11:48 +0300 Maxim Dounin SSL: explicitly set maximum version (ticket #1654). stable-1.14
Tue, 07 Aug 2018 02:15:28 +0300 Maxim Dounin SSL: enabled TLSv1.3 with BoringSSL. stable-1.14
Tue, 25 Sep 2018 14:00:04 +0300 Maxim Dounin SSL: logging level of "no suitable signature algorithm". stable-1.14
Tue, 25 Sep 2018 13:59:53 +0300 Maxim Dounin SSL: logging level of "no suitable key share". stable-1.14
Mon, 16 Jul 2018 17:47:20 +0300 Maxim Dounin SSL: fixed SSL_clear_options() usage with OpenSSL 1.1.0+. stable-1.14
Mon, 16 Jul 2018 17:47:18 +0300 Maxim Dounin SSL: logging levels of "unsupported protocol", "version too low". stable-1.14
Thu, 05 Jul 2018 20:45:29 +0300 Maxim Dounin SSL: logging level of "https proxy request" errors. stable-1.14
Thu, 15 Nov 2018 21:28:02 +0300 Maxim Dounin Core: ngx_explicit_memzero().
Tue, 23 Oct 2018 22:11:48 +0300 Maxim Dounin SSL: explicitly set maximum version (ticket #1654).
Tue, 25 Sep 2018 14:07:59 +0300 Ruslan Ermilov SSL: fixed unlocked access to sess_id->len.
Tue, 25 Sep 2018 14:00:04 +0300 Maxim Dounin SSL: logging level of "no suitable signature algorithm".
Tue, 25 Sep 2018 13:59:53 +0300 Maxim Dounin SSL: logging level of "no suitable key share".
Fri, 21 Sep 2018 20:49:12 +0300 Sergey Kandaurov SSL: support for TLSv1.3 early data with OpenSSL.
Fri, 21 Sep 2018 20:31:32 +0300 Maxim Dounin SSL: disabled renegotiation checks with SSL_OP_NO_RENEGOTIATION.
Mon, 10 Sep 2018 18:57:39 +0300 Maxim Dounin SSL: restore handlers after blocking.
Mon, 10 Sep 2018 18:57:19 +0300 Maxim Dounin SSL: corrected SSL_ERROR_WANT_WRITE / SSL_ERROR_WANT_READ logging.
Tue, 07 Aug 2018 02:16:07 +0300 Maxim Dounin SSL: support for TLSv1.3 early data with BoringSSL.
Tue, 07 Aug 2018 02:15:28 +0300 Maxim Dounin SSL: enabled TLSv1.3 with BoringSSL.
Tue, 17 Jul 2018 12:53:23 +0300 Sergey Kandaurov SSL: save sessions for upstream peers using a callback function.
Mon, 16 Jul 2018 17:47:48 +0300 Maxim Dounin SSL: use of the SSL_OP_NO_RENEGOTIATION option (ticket #1376).
Mon, 16 Jul 2018 17:47:20 +0300 Maxim Dounin SSL: fixed SSL_clear_options() usage with OpenSSL 1.1.0+.
Mon, 16 Jul 2018 17:47:18 +0300 Maxim Dounin SSL: logging levels of "unsupported protocol", "version too low".
Thu, 05 Jul 2018 20:45:29 +0300 Maxim Dounin SSL: logging level of "https proxy request" errors.
Wed, 06 Jun 2018 13:31:05 +0300 Sergey Kandaurov SSL: removed extra prototype.
Tue, 22 Aug 2017 17:36:12 +0300 Maxim Dounin SSL: fixed possible use-after-free in $ssl_server_name.
Tue, 22 Aug 2017 15:18:10 +0300 Maxim Dounin SSL: the $ssl_client_escaped_cert variable (ticket #857).
Wed, 09 Aug 2017 15:03:27 +0300 Sergey Kandaurov Fixed calls to ngx_open_file() in certain places.
Wed, 09 Aug 2017 14:59:46 +0300 Sergey Kandaurov Style.
Tue, 25 Jul 2017 17:21:59 +0300 Sergey Kandaurov SSL: fixed typo in the error message.
Wed, 03 May 2017 15:15:56 +0300 Sergey Kandaurov SSL: allowed renegotiation in client mode with OpenSSL < 1.1.0.
Tue, 18 Apr 2017 16:08:46 +0300 Sergey Kandaurov SSL: compatibility with OpenSSL master branch.
Tue, 18 Apr 2017 16:08:44 +0300 Sergey Kandaurov SSL: disabled renegotiation detection in client mode.
Tue, 18 Apr 2017 15:12:38 +0300 Sergey Kandaurov SSL: added support for TLSv1.3 in ssl_protocols directive.
Mon, 06 Feb 2017 18:38:06 +0300 Sergey Kandaurov SSL: clear error queue after OPENSSL_init_ssl().
Fri, 23 Dec 2016 17:28:20 +0300 Maxim Dounin SSL: support AES256 encryption of tickets.
Thu, 15 Dec 2016 19:00:23 +0300 Maxim Dounin SSL: backed out changeset e7cb5deb951d, reimplemented properly.
Tue, 13 Dec 2016 14:19:30 -0800 Piotr Sikora SSL: fix call to BIO_get_mem_data().
Mon, 05 Dec 2016 22:23:23 +0300 Maxim Dounin SSL: $ssl_curves (ticket #1088).
Mon, 05 Dec 2016 22:23:23 +0300 Maxim Dounin SSL: $ssl_ciphers (ticket #870).
Mon, 05 Dec 2016 22:23:23 +0300 Maxim Dounin SSL: $ssl_client_v_start, $ssl_client_v_end, $ssl_client_v_remain.
Mon, 05 Dec 2016 22:23:22 +0300 Maxim Dounin SSL: $ssl_client_verify extended with a failure reason.
Mon, 05 Dec 2016 22:23:22 +0300 Maxim Dounin OCSP stapling: added certificate name to warnings.
Fri, 21 Oct 2016 16:28:39 +0300 Dmitry Volyntsev SSL: RFC2253 compliant $ssl_client_s_dn and $ssl_client_i_dn.
Tue, 18 Oct 2016 20:46:06 +0300 Valentin Bartenev SSL: overcame possible buffer over-read in ngx_ssl_error().
Tue, 18 Oct 2016 17:25:38 +0300 Maxim Dounin SSL: default DH parameters compatible with OpenSSL 1.1.0. stable-1.10
Mon, 22 Aug 2016 18:53:21 +0300 Sergey Kandaurov SSL: adopted session ticket handling for OpenSSL 1.1.0. stable-1.10
Mon, 08 Aug 2016 13:44:49 +0300 Sergey Kandaurov SSL: guarded SSL_R_NO_CIPHERS_PASSED not present in OpenSSL 1.1.0. stable-1.10
Tue, 04 Oct 2016 17:26:45 +0300 Maxim Dounin SSL: use X509_check_host() with LibreSSL.
Tue, 20 Sep 2016 15:07:16 +0300 Valentin Bartenev Fixed log levels of configuration parsing errors.
Mon, 12 Sep 2016 18:57:42 +0300 Sergey Kandaurov SSL: improved session ticket callback error handling.
Mon, 12 Sep 2016 18:57:42 +0300 Sergey Kandaurov SSL: factored out digest and cipher in session ticket callback.
Mon, 22 Aug 2016 18:53:21 +0300 Sergey Kandaurov SSL: adopted session ticket handling for OpenSSL 1.1.0.
Thu, 18 Aug 2016 14:49:48 -0700 Piotr Sikora SSL: remove no longer needed workaround for BoringSSL.
Mon, 08 Aug 2016 13:44:49 +0300 Sergey Kandaurov SSL: guarded SSL_R_NO_CIPHERS_PASSED not present in OpenSSL 1.1.0.
Wed, 15 Jun 2016 21:05:30 +0100 Tim Taubert SSL: ngx_ssl_ciphers() to set list of ciphers.
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin SSL: removed default DH parameters.
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin SSL: support for multiple curves (ticket #885).
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin SSL: style.
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin SSL: error messages style.
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin SSL: support for multiple certificates (ticket #814).
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin SSL: support for per-certificate chains.
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin SSL: made it possible to iterate though all certificates.
Thu, 19 May 2016 14:46:32 +0300 Maxim Dounin OCSP stapling: staple now stored in certificate, not SSL context.
Thu, 31 Mar 2016 23:38:36 +0300 Sergey Kandaurov SSL: EVP_MD_CTX was made opaque in OpenSSL 1.1.0.
Thu, 31 Mar 2016 23:38:34 +0300 Maxim Dounin SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.
Thu, 31 Mar 2016 23:38:33 +0300 Maxim Dounin SSL: initialization changes for OpenSSL 1.1.0.
Thu, 31 Mar 2016 23:38:32 +0300 Maxim Dounin SSL: get_session callback changed in OpenSSL 1.1.0.
Thu, 31 Mar 2016 23:38:31 +0300 Maxim Dounin SSL: guarded error codes not present in OpenSSL 1.1.0.
Thu, 31 Mar 2016 23:38:29 +0300 Maxim Dounin SSL: reasonable version for LibreSSL.
Thu, 31 Mar 2016 02:33:57 +0300 Sergey Kandaurov Fixed logging.
Wed, 30 Mar 2016 11:52:16 +0300 Ruslan Ermilov Style.
Fri, 19 Feb 2016 17:27:30 +0300 Maxim Dounin SSL: avoid calling SSL_shutdown() during handshake (ticket #901).
Fri, 19 Feb 2016 17:27:23 +0300 Maxim Dounin SSL: fixed SSL_shutdown() comment.
Mon, 19 Oct 2015 21:22:38 +0300 Maxim Dounin SSL: preserve default server context in connection (ticket #235). stable-1.8
Mon, 19 Oct 2015 21:22:38 +0300 Maxim Dounin SSL: preserve default server context in connection (ticket #235).
Wed, 07 Oct 2015 22:19:42 +0300 Vladimir Homutov SSL: handled long string truncation in ngx_ssl_error().
Thu, 24 Sep 2015 17:19:08 +0300 Maxim Dounin SSL: compatibility with OpenSSL master branch.
Mon, 17 Nov 2014 16:38:48 +0300 Maxim Dounin SSL: logging level of "inappropriate fallback" (ticket #662). stable-1.6
Mon, 23 Mar 2015 02:42:35 +0300 Maxim Dounin SSL: use of SSL_MODE_NO_AUTO_CHAIN.
Mon, 23 Mar 2015 02:42:32 +0300 Maxim Dounin SSL: clear protocol options.
Tue, 24 Feb 2015 23:52:47 +0300 Ruslan Ermilov SSL: account sent bytes in ngx_ssl_write().
Wed, 17 Dec 2014 15:12:50 +0100 Lukas Tribus SSL: safeguard use of SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS.
Mon, 04 Aug 2014 11:03:20 +0400 Dmitrii Pichulin SSL: loading certificate keys via ENGINE_load_private_key().
Mon, 17 Nov 2014 16:38:48 +0300 Maxim Dounin SSL: logging level of "inappropriate fallback" (ticket #662).
Fri, 24 Oct 2014 04:28:00 -0700 Sergey Kandaurov SSL: simplified ssl_password_file error handling.
Tue, 28 Oct 2014 12:29:58 +0300 Roman Arutyunyan Core: added limit to recv_chain().
Mon, 15 Sep 2014 17:59:47 +0400 Maxim Dounin SSL: session id context now includes certificate hash. stable-1.6
Mon, 15 Sep 2014 17:59:47 +0400 Maxim Dounin SSL: session id context now includes certificate hash.
Wed, 03 Sep 2014 14:49:55 -0700 Piotr Sikora SSL: guard use of all SSL options for bug workarounds.
Wed, 30 Jul 2014 04:32:16 -0700 Piotr Sikora SSL: let it build against LibreSSL.
Wed, 30 Jul 2014 04:32:15 -0700 Piotr Sikora SSL: let it build against BoringSSL.
Mon, 28 Jul 2014 12:27:57 -0700 Piotr Sikora SSL: fix build with OPENSSL_NO_ENGINE and/or OPENSSL_NO_OCSP.
Mon, 28 Jul 2014 18:30:18 +0400 Maxim Dounin SSL: misplaced space in debug message.
Wed, 09 Jul 2014 12:27:15 -0700 Piotr Sikora SSL: fix build with recent OpenSSL.
Tue, 08 Jul 2014 03:03:14 -0700 Piotr Sikora Style: use ngx_memcpy() instead of memcpy().
Sun, 06 Jul 2014 16:41:14 -0700 Piotr Sikora SSL: stop accessing SSL_SESSION's fields directly.
less more | (0) -120 tip