| Tue, 18 Aug 2020 16:22:00 +0300 |
Roman Arutyunyan |
Merged with the default branch.
quic
|
| Wed, 22 Jul 2020 13:34:48 +0300 |
Roman Arutyunyan |
SSL: fixed compilation without QUIC after 0d2b2664b41c.
quic
|
| Mon, 13 Jul 2020 15:34:22 +0300 |
Sergey Kandaurov |
Merged with the default branch.
quic
|
| Tue, 26 May 2020 20:26:44 +0300 |
Sergey Kandaurov |
Merged with the default branch.
quic
|
| Mon, 23 Mar 2020 20:48:34 +0300 |
Sergey Kandaurov |
Fixed client certificate verification.
quic
|
| Wed, 18 Mar 2020 16:37:16 +0300 |
Roman Arutyunyan |
Moved setting QUIC methods to runtime.
quic
|
| Fri, 28 Feb 2020 16:23:25 +0300 |
Vladimir Homutov |
Moved all QUIC code into ngx_event_quic.c
quic
|
| Fri, 28 Feb 2020 13:09:52 +0300 |
Sergey Kandaurov |
Introduced quic_version macro, uint16/uint32 routines ported.
quic
|
| Fri, 28 Feb 2020 13:09:52 +0300 |
Sergey Kandaurov |
Cleanup.
quic
|
| Wed, 26 Feb 2020 16:56:47 +0300 |
Vladimir Homutov |
Generic function for HKDF expansion.
quic
|
| Fri, 28 Feb 2020 13:09:52 +0300 |
Sergey Kandaurov |
QUIC header protection routines, introduced ngx_quic_tls_hp().
quic
|
| Fri, 28 Feb 2020 13:09:52 +0300 |
Sergey Kandaurov |
AEAD routines, introduced ngx_quic_tls_open()/ngx_quic_tls_seal().
quic
|
| Fri, 28 Feb 2020 13:09:52 +0300 |
Sergey Kandaurov |
Introduced ngx_quic_secret_t.
quic
|
| Fri, 28 Feb 2020 13:09:52 +0300 |
Sergey Kandaurov |
QUIC handshake handler, draft 24 bump.
quic
|
| Fri, 28 Feb 2020 13:09:52 +0300 |
Sergey Kandaurov |
PN-aware AEAD nonce, feeding proper CRYPTO length.
quic
|
| Fri, 28 Feb 2020 13:09:51 +0300 |
Sergey Kandaurov |
OpenSSL compatibility.
quic
|
| Fri, 28 Feb 2020 13:09:51 +0300 |
Sergey Kandaurov |
QUIC add_handshake_data callback, varint routines.
quic
|
| Fri, 28 Feb 2020 13:09:51 +0300 |
Sergey Kandaurov |
QUIC set_encryption_secrets callback.
quic
|
| Fri, 28 Feb 2020 13:09:51 +0300 |
Sergey Kandaurov |
Initial QUIC support in http.
quic
|
| Wed, 08 Mar 2023 22:22:47 +0300 |
Maxim Dounin |
SSL: logging levels of errors observed with BoringSSL.
|
| Wed, 08 Mar 2023 22:22:34 +0300 |
Maxim Dounin |
SSL: logging levels of errors observed with tlsfuzzer and LibreSSL.
|
| Wed, 08 Mar 2023 22:21:59 +0300 |
Maxim Dounin |
SSL: logging levels of various errors reported with tlsfuzzer.
|
| Wed, 08 Mar 2023 22:21:53 +0300 |
Maxim Dounin |
SSL: switched to detect log level based on the last error.
|
| Thu, 01 Dec 2022 04:22:31 +0300 |
Maxim Dounin |
SSL: fixed ngx_ssl_recv() to reset c->read->ready after errors.
|
| Thu, 24 Nov 2022 23:08:30 +0400 |
Sergey Kandaurov |
SSL: fixed debug logging of SSL_sendfile() return value.
|
| Thu, 13 Oct 2022 16:18:56 +0400 |
Sergey Kandaurov |
SSL: removed cast not needed after 5ffd76a9ccf3.
|
| Wed, 12 Oct 2022 20:14:57 +0300 |
Maxim Dounin |
SSL: workaround for session timeout handling with TLSv1.3.
|
| Wed, 12 Oct 2022 20:14:55 +0300 |
Maxim Dounin |
SSL: optimized rotation of session ticket keys.
|
| Wed, 12 Oct 2022 20:14:53 +0300 |
Maxim Dounin |
SSL: automatic rotation of session ticket keys.
|
| Wed, 12 Oct 2022 20:14:51 +0300 |
Maxim Dounin |
SSL: shorter debug messages about session tickets.
|
| Wed, 12 Oct 2022 20:14:49 +0300 |
Maxim Dounin |
SSL: renamed session ticket key functions and data index.
|
| Wed, 12 Oct 2022 20:14:47 +0300 |
Maxim Dounin |
SSL: renamed session ticket key type.
|
| Wed, 12 Oct 2022 20:14:43 +0300 |
Maxim Dounin |
SSL: explicit clearing of expired sessions.
|
| Wed, 12 Oct 2022 20:14:40 +0300 |
Maxim Dounin |
SSL: single allocation in session cache on 32-bit platforms.
|
| Wed, 12 Oct 2022 20:14:39 +0300 |
Maxim Dounin |
SSL: explicit session id length checking.
|
| Wed, 12 Oct 2022 20:14:37 +0300 |
Maxim Dounin |
SSL: updated comment about session sizes.
|
| Wed, 12 Oct 2022 20:14:36 +0300 |
Maxim Dounin |
SSL: reduced logging of session cache failures (ticket #621).
|
| Wed, 12 Oct 2022 20:14:34 +0300 |
Maxim Dounin |
SSL: disabled saving tickets to session cache.
|
| Thu, 08 Sep 2022 13:53:49 +0400 |
Sergey Kandaurov |
SSL: silenced GCC warnings when building with BoringSSL.
|
| Wed, 07 Sep 2022 00:47:17 +0300 |
Maxim Dounin |
Win32: fixed build on Windows with OpenSSL 3.0.x (ticket #2379).
|
| Wed, 07 Sep 2022 00:44:10 +0300 |
Maxim Dounin |
SSL: fixed incorrect usage of #if instead of #ifdef.
|
| Tue, 09 Aug 2022 17:13:46 -0300 |
Murilo Andrade |
SSL: logging level of "bad record type" errors.
|
| Tue, 12 Jul 2022 15:55:22 +0300 |
Maxim Dounin |
SSL: logging levels of various errors added in OpenSSL 1.1.1.
|
| Tue, 08 Feb 2022 17:35:27 +0300 |
Sergey Kandaurov |
SSL: logging level of "application data after close notify".
|
| Mon, 24 Jan 2022 17:18:50 +0300 |
Maxim Dounin |
SSL: always renewing tickets with TLSv1.3 (ticket #1892).
|
| Mon, 17 Jan 2022 17:05:12 +0300 |
Sergey Kandaurov |
SSL: free pkey on SSL_CTX_set0_tmp_dh_pkey() failure.
|
| Mon, 27 Dec 2021 19:49:26 +0300 |
Maxim Dounin |
Support for sendfile(SF_NOCACHE).
|
| Mon, 27 Dec 2021 19:48:42 +0300 |
Maxim Dounin |
SSL: SSL_sendfile(SF_NODISKIO) support.
|
| Mon, 01 Nov 2021 18:09:34 +0300 |
Sergey Kandaurov |
SSL: $ssl_curve (ticket #2135).
|
| Thu, 21 Oct 2021 18:44:07 +0300 |
Maxim Dounin |
SSL: SSL_sendfile() support with kernel TLS.
|
| Thu, 21 Oct 2021 18:43:13 +0300 |
Maxim Dounin |
Style: added missing "static" specifiers.
|
| Tue, 19 Oct 2021 12:19:59 +0300 |
Vladimir Homutov |
Stream: the "ssl_alpn" directive.
|
| Thu, 14 Oct 2021 11:46:23 +0300 |
Vladimir Homutov |
SSL: added $ssl_alpn_protocol variable.
|
| Tue, 10 Aug 2021 23:43:17 +0300 |
Sergey Kandaurov |
SSL: removed use of the SSL_OP_MSIE_SSLV2_RSA_PADDING option.
|
| Tue, 10 Aug 2021 23:43:17 +0300 |
Sergey Kandaurov |
SSL: removed export ciphers support.
|
| Tue, 10 Aug 2021 23:43:17 +0300 |
Sergey Kandaurov |
SSL: use of the SSL_OP_IGNORE_UNEXPECTED_EOF option.
|
| Tue, 10 Aug 2021 23:43:16 +0300 |
Sergey Kandaurov |
SSL: ERR_peek_error_line_data() compatibility with OpenSSL 3.0.
|
| Tue, 10 Aug 2021 23:43:16 +0300 |
Sergey Kandaurov |
SSL: using SSL_CTX_set0_tmp_dh_pkey() with OpenSSL 3.0 in dhparam.
|
| Tue, 10 Aug 2021 23:42:59 +0300 |
Sergey Kandaurov |
SSL: RSA data type is deprecated in OpenSSL 3.0.
|
| Wed, 04 Aug 2021 21:27:51 +0300 |
Sergey Kandaurov |
SSL: SSL_CTX_set_tmp_dh() error handling.
|
| Tue, 03 Aug 2021 20:50:30 +0300 |
Maxim Dounin |
SSL: set events ready flags after handshake.
|
| Tue, 01 Jun 2021 17:37:51 +0300 |
Maxim Dounin |
Fixed SSL logging with lingering close.
|
| Tue, 01 Jun 2021 17:37:49 +0300 |
Maxim Dounin |
SSL: ngx_ssl_shutdown() rework.
|
| Sat, 20 Feb 2021 18:03:04 +0300 |
Maxim Dounin |
SSL: added check for debugging.
|
| Sat, 20 Feb 2021 18:02:54 +0300 |
Maxim Dounin |
SSL: added missed error reporting during variables evaluation.
|
| Sat, 20 Feb 2021 18:02:49 +0300 |
Maxim Dounin |
SSL: X509_NAME_oneline() error handling.
|
| Tue, 08 Dec 2020 01:43:36 +0300 |
Ruslan Ermilov |
SSL: fixed SSL shutdown on lingering close.
|
| Wed, 28 Oct 2020 10:56:11 +0300 |
Vladimir Homutov |
Core: added format specifiers to output binary data as hex.
|
| Thu, 22 Oct 2020 18:02:28 +0300 |
Maxim Dounin |
SSL: ssl_reject_handshake directive (ticket #195).
|
| Thu, 22 Oct 2020 18:00:22 +0300 |
Maxim Dounin |
SSL: ssl_conf_command directive.
|
| Wed, 16 Sep 2020 18:26:25 +0300 |
Maxim Dounin |
SSL: disabled shutdown when there are buffered data.
|
| Wed, 16 Sep 2020 18:26:24 +0300 |
Maxim Dounin |
SSL: disabled shutdown after connection errors.
|
| Wed, 16 Sep 2020 18:26:23 +0300 |
Maxim Dounin |
SSL: fixed event handling during shutdown.
|
| Wed, 16 Sep 2020 18:26:22 +0300 |
Maxim Dounin |
SSL: workaround for incorrect SSL_write() errors in OpenSSL 1.1.1.
|
| Mon, 10 Aug 2020 18:52:09 +0300 |
Maxim Dounin |
SSL: fixed shutdown handling.
|
| Mon, 29 Jun 2020 17:15:51 +0300 |
Maxim Dounin |
SSL: fixed unexpected certificate requests (ticket #2008).
|
| Wed, 03 Jun 2020 19:11:32 +0300 |
Maxim Dounin |
SSL: added verify callback to ngx_ssl_trusted_certificate().
|
| Fri, 22 May 2020 17:30:12 +0300 |
Roman Arutyunyan |
SSL: client certificate validation with OCSP (ticket #1534).
|
| Fri, 27 Dec 2019 19:43:01 +0300 |
Maxim Dounin |
SSL: reworked posted next events again.
|
| Tue, 24 Dec 2019 17:24:59 +0300 |
Maxim Dounin |
SSL: reworked posted next events.
|
| Thu, 17 Oct 2019 16:02:24 +0300 |
Maxim Dounin |
SSL: available bytes handling (ticket #1431).
|
| Thu, 17 Oct 2019 16:02:13 +0300 |
Maxim Dounin |
SSL: improved ngx_ssl_recv_chain() to stop if c->read->ready is 0.
|
| Fri, 16 Aug 2019 18:16:21 +0300 |
Maxim Dounin |
SSL: lowered log level for WSAECONNABORTED errors on Windows.
|
| Mon, 11 Apr 2016 15:46:36 +0300 |
Sergey Kandaurov |
SSL: removed OpenSSL 0.9.7 compatibility.
|
| Tue, 26 Mar 2019 09:33:57 +0300 |
Nikolay Morozov |
SSL: missing free calls in $ssl_client_s_dn and $ssl_client_i_dn.
|
| Sat, 09 Mar 2019 03:03:56 +0300 |
Maxim Dounin |
SSL: support for parsing PEM certificates from memory.
|
| Sat, 09 Mar 2019 02:55:43 +0300 |
Maxim Dounin |
SSL: removed redundant "pkey" variable.
|
| Sun, 03 Mar 2019 16:49:02 +0300 |
Maxim Dounin |
SSL: use of the SSL_OP_NO_CLIENT_RENEGOTIATION option.
|
| Sun, 03 Mar 2019 16:48:06 +0300 |
Maxim Dounin |
SSL: server name callback changed to return fatal errors.
|
| Mon, 25 Feb 2019 16:42:54 +0300 |
Maxim Dounin |
SSL: adjusted session id context with dynamic certificates.
|
| Mon, 25 Feb 2019 16:42:23 +0300 |
Maxim Dounin |
SSL: passwords support for dynamic certificate loading.
|
| Mon, 25 Feb 2019 16:41:44 +0300 |
Maxim Dounin |
SSL: loading of connection-specific certificates.
|
| Mon, 25 Feb 2019 16:41:28 +0300 |
Maxim Dounin |
SSL: reworked ngx_ssl_certificate().
|
| Mon, 25 Feb 2019 16:41:15 +0300 |
Maxim Dounin |
SSL: removed logging of empty "(SSL:)" in ngx_ssl_error().
|
| Thu, 07 Feb 2019 19:39:35 +0300 |
Sergey Kandaurov |
SSL: fixed EVP_DigestFinal_ex() error message.
|
| Thu, 31 Jan 2019 19:36:51 +0300 |
Maxim Dounin |
SSL: separate checks for errors in ngx_ssl_read_password_file().
|
| Thu, 31 Jan 2019 19:28:07 +0300 |
Ruslan Ermilov |
SSL: explicitly zero out session ticket keys.
|
| Tue, 18 Dec 2018 15:15:15 +0300 |
Sergey Kandaurov |
SSL: avoid reading on pending SSL_write_early_data().
|
| Tue, 23 Oct 2018 22:11:48 +0300 |
Maxim Dounin |
SSL: explicitly set maximum version (ticket #1654).
stable-1.14
|
| Tue, 07 Aug 2018 02:15:28 +0300 |
Maxim Dounin |
SSL: enabled TLSv1.3 with BoringSSL.
stable-1.14
|
| Tue, 25 Sep 2018 14:00:04 +0300 |
Maxim Dounin |
SSL: logging level of "no suitable signature algorithm".
stable-1.14
|
| Tue, 25 Sep 2018 13:59:53 +0300 |
Maxim Dounin |
SSL: logging level of "no suitable key share".
stable-1.14
|
| Mon, 16 Jul 2018 17:47:20 +0300 |
Maxim Dounin |
SSL: fixed SSL_clear_options() usage with OpenSSL 1.1.0+.
stable-1.14
|
| Mon, 16 Jul 2018 17:47:18 +0300 |
Maxim Dounin |
SSL: logging levels of "unsupported protocol", "version too low".
stable-1.14
|
| Thu, 05 Jul 2018 20:45:29 +0300 |
Maxim Dounin |
SSL: logging level of "https proxy request" errors.
stable-1.14
|
| Thu, 15 Nov 2018 21:28:02 +0300 |
Maxim Dounin |
Core: ngx_explicit_memzero().
|
| Tue, 23 Oct 2018 22:11:48 +0300 |
Maxim Dounin |
SSL: explicitly set maximum version (ticket #1654).
|
| Tue, 25 Sep 2018 14:07:59 +0300 |
Ruslan Ermilov |
SSL: fixed unlocked access to sess_id->len.
|
| Tue, 25 Sep 2018 14:00:04 +0300 |
Maxim Dounin |
SSL: logging level of "no suitable signature algorithm".
|
| Tue, 25 Sep 2018 13:59:53 +0300 |
Maxim Dounin |
SSL: logging level of "no suitable key share".
|
| Fri, 21 Sep 2018 20:49:12 +0300 |
Sergey Kandaurov |
SSL: support for TLSv1.3 early data with OpenSSL.
|
| Fri, 21 Sep 2018 20:31:32 +0300 |
Maxim Dounin |
SSL: disabled renegotiation checks with SSL_OP_NO_RENEGOTIATION.
|
| Mon, 10 Sep 2018 18:57:39 +0300 |
Maxim Dounin |
SSL: restore handlers after blocking.
|
| Mon, 10 Sep 2018 18:57:19 +0300 |
Maxim Dounin |
SSL: corrected SSL_ERROR_WANT_WRITE / SSL_ERROR_WANT_READ logging.
|
| Tue, 07 Aug 2018 02:16:07 +0300 |
Maxim Dounin |
SSL: support for TLSv1.3 early data with BoringSSL.
|
| Tue, 07 Aug 2018 02:15:28 +0300 |
Maxim Dounin |
SSL: enabled TLSv1.3 with BoringSSL.
|
| Tue, 17 Jul 2018 12:53:23 +0300 |
Sergey Kandaurov |
SSL: save sessions for upstream peers using a callback function.
|
| Mon, 16 Jul 2018 17:47:48 +0300 |
Maxim Dounin |
SSL: use of the SSL_OP_NO_RENEGOTIATION option (ticket #1376).
|
| Mon, 16 Jul 2018 17:47:20 +0300 |
Maxim Dounin |
SSL: fixed SSL_clear_options() usage with OpenSSL 1.1.0+.
|
| Mon, 16 Jul 2018 17:47:18 +0300 |
Maxim Dounin |
SSL: logging levels of "unsupported protocol", "version too low".
|
| Thu, 05 Jul 2018 20:45:29 +0300 |
Maxim Dounin |
SSL: logging level of "https proxy request" errors.
|
| Wed, 06 Jun 2018 13:31:05 +0300 |
Sergey Kandaurov |
SSL: removed extra prototype.
|
| Tue, 22 Aug 2017 17:36:12 +0300 |
Maxim Dounin |
SSL: fixed possible use-after-free in $ssl_server_name.
|
| Tue, 22 Aug 2017 15:18:10 +0300 |
Maxim Dounin |
SSL: the $ssl_client_escaped_cert variable (ticket #857).
|
| Wed, 09 Aug 2017 15:03:27 +0300 |
Sergey Kandaurov |
Fixed calls to ngx_open_file() in certain places.
|
| Wed, 09 Aug 2017 14:59:46 +0300 |
Sergey Kandaurov |
Style.
|
| Tue, 25 Jul 2017 17:21:59 +0300 |
Sergey Kandaurov |
SSL: fixed typo in the error message.
|
| Wed, 03 May 2017 15:15:56 +0300 |
Sergey Kandaurov |
SSL: allowed renegotiation in client mode with OpenSSL < 1.1.0.
|
| Tue, 18 Apr 2017 16:08:46 +0300 |
Sergey Kandaurov |
SSL: compatibility with OpenSSL master branch.
|
| Tue, 18 Apr 2017 16:08:44 +0300 |
Sergey Kandaurov |
SSL: disabled renegotiation detection in client mode.
|
| Tue, 18 Apr 2017 15:12:38 +0300 |
Sergey Kandaurov |
SSL: added support for TLSv1.3 in ssl_protocols directive.
|
| Mon, 06 Feb 2017 18:38:06 +0300 |
Sergey Kandaurov |
SSL: clear error queue after OPENSSL_init_ssl().
|
| Fri, 23 Dec 2016 17:28:20 +0300 |
Maxim Dounin |
SSL: support AES256 encryption of tickets.
|
| Thu, 15 Dec 2016 19:00:23 +0300 |
Maxim Dounin |
SSL: backed out changeset e7cb5deb951d, reimplemented properly.
|
| Tue, 13 Dec 2016 14:19:30 -0800 |
Piotr Sikora |
SSL: fix call to BIO_get_mem_data().
|
| Mon, 05 Dec 2016 22:23:23 +0300 |
Maxim Dounin |
SSL: $ssl_curves (ticket #1088).
|
| Mon, 05 Dec 2016 22:23:23 +0300 |
Maxim Dounin |
SSL: $ssl_ciphers (ticket #870).
|
| Mon, 05 Dec 2016 22:23:23 +0300 |
Maxim Dounin |
SSL: $ssl_client_v_start, $ssl_client_v_end, $ssl_client_v_remain.
|
| Mon, 05 Dec 2016 22:23:22 +0300 |
Maxim Dounin |
SSL: $ssl_client_verify extended with a failure reason.
|
| Mon, 05 Dec 2016 22:23:22 +0300 |
Maxim Dounin |
OCSP stapling: added certificate name to warnings.
|
| Fri, 21 Oct 2016 16:28:39 +0300 |
Dmitry Volyntsev |
SSL: RFC2253 compliant $ssl_client_s_dn and $ssl_client_i_dn.
|
| Tue, 18 Oct 2016 20:46:06 +0300 |
Valentin Bartenev |
SSL: overcame possible buffer over-read in ngx_ssl_error().
|
| Tue, 18 Oct 2016 17:25:38 +0300 |
Maxim Dounin |
SSL: default DH parameters compatible with OpenSSL 1.1.0.
stable-1.10
|
| Mon, 22 Aug 2016 18:53:21 +0300 |
Sergey Kandaurov |
SSL: adopted session ticket handling for OpenSSL 1.1.0.
stable-1.10
|
| Mon, 08 Aug 2016 13:44:49 +0300 |
Sergey Kandaurov |
SSL: guarded SSL_R_NO_CIPHERS_PASSED not present in OpenSSL 1.1.0.
stable-1.10
|
| Tue, 04 Oct 2016 17:26:45 +0300 |
Maxim Dounin |
SSL: use X509_check_host() with LibreSSL.
|
| Tue, 20 Sep 2016 15:07:16 +0300 |
Valentin Bartenev |
Fixed log levels of configuration parsing errors.
|
| Mon, 12 Sep 2016 18:57:42 +0300 |
Sergey Kandaurov |
SSL: improved session ticket callback error handling.
|
| Mon, 12 Sep 2016 18:57:42 +0300 |
Sergey Kandaurov |
SSL: factored out digest and cipher in session ticket callback.
|
| Mon, 22 Aug 2016 18:53:21 +0300 |
Sergey Kandaurov |
SSL: adopted session ticket handling for OpenSSL 1.1.0.
|
| Thu, 18 Aug 2016 14:49:48 -0700 |
Piotr Sikora |
SSL: remove no longer needed workaround for BoringSSL.
|
| Mon, 08 Aug 2016 13:44:49 +0300 |
Sergey Kandaurov |
SSL: guarded SSL_R_NO_CIPHERS_PASSED not present in OpenSSL 1.1.0.
|
| Wed, 15 Jun 2016 21:05:30 +0100 |
Tim Taubert |
SSL: ngx_ssl_ciphers() to set list of ciphers.
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: removed default DH parameters.
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: support for multiple curves (ticket #885).
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: style.
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: error messages style.
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: support for multiple certificates (ticket #814).
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: support for per-certificate chains.
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: made it possible to iterate though all certificates.
|
| Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
OCSP stapling: staple now stored in certificate, not SSL context.
|
| Thu, 31 Mar 2016 23:38:36 +0300 |
Sergey Kandaurov |
SSL: EVP_MD_CTX was made opaque in OpenSSL 1.1.0.
|
| Thu, 31 Mar 2016 23:38:34 +0300 |
Maxim Dounin |
SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.
|
| Thu, 31 Mar 2016 23:38:33 +0300 |
Maxim Dounin |
SSL: initialization changes for OpenSSL 1.1.0.
|
| Thu, 31 Mar 2016 23:38:32 +0300 |
Maxim Dounin |
SSL: get_session callback changed in OpenSSL 1.1.0.
|
| Thu, 31 Mar 2016 23:38:31 +0300 |
Maxim Dounin |
SSL: guarded error codes not present in OpenSSL 1.1.0.
|
| Thu, 31 Mar 2016 23:38:29 +0300 |
Maxim Dounin |
SSL: reasonable version for LibreSSL.
|
| Thu, 31 Mar 2016 02:33:57 +0300 |
Sergey Kandaurov |
Fixed logging.
|
| Wed, 30 Mar 2016 11:52:16 +0300 |
Ruslan Ermilov |
Style.
|
| Fri, 19 Feb 2016 17:27:30 +0300 |
Maxim Dounin |
SSL: avoid calling SSL_shutdown() during handshake (ticket #901).
|
| Fri, 19 Feb 2016 17:27:23 +0300 |
Maxim Dounin |
SSL: fixed SSL_shutdown() comment.
|
| Mon, 19 Oct 2015 21:22:38 +0300 |
Maxim Dounin |
SSL: preserve default server context in connection (ticket #235).
stable-1.8
|
| Mon, 19 Oct 2015 21:22:38 +0300 |
Maxim Dounin |
SSL: preserve default server context in connection (ticket #235).
|
| Wed, 07 Oct 2015 22:19:42 +0300 |
Vladimir Homutov |
SSL: handled long string truncation in ngx_ssl_error().
|
| Thu, 24 Sep 2015 17:19:08 +0300 |
Maxim Dounin |
SSL: compatibility with OpenSSL master branch.
|
| Mon, 17 Nov 2014 16:38:48 +0300 |
Maxim Dounin |
SSL: logging level of "inappropriate fallback" (ticket #662).
stable-1.6
|
| Mon, 23 Mar 2015 02:42:35 +0300 |
Maxim Dounin |
SSL: use of SSL_MODE_NO_AUTO_CHAIN.
|
| Mon, 23 Mar 2015 02:42:32 +0300 |
Maxim Dounin |
SSL: clear protocol options.
|
| Tue, 24 Feb 2015 23:52:47 +0300 |
Ruslan Ermilov |
SSL: account sent bytes in ngx_ssl_write().
|
| Wed, 17 Dec 2014 15:12:50 +0100 |
Lukas Tribus |
SSL: safeguard use of SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS.
|
| Mon, 04 Aug 2014 11:03:20 +0400 |
Dmitrii Pichulin |
SSL: loading certificate keys via ENGINE_load_private_key().
|
| Mon, 17 Nov 2014 16:38:48 +0300 |
Maxim Dounin |
SSL: logging level of "inappropriate fallback" (ticket #662).
|
| Fri, 24 Oct 2014 04:28:00 -0700 |
Sergey Kandaurov |
SSL: simplified ssl_password_file error handling.
|
| Tue, 28 Oct 2014 12:29:58 +0300 |
Roman Arutyunyan |
Core: added limit to recv_chain().
|
| Mon, 15 Sep 2014 17:59:47 +0400 |
Maxim Dounin |
SSL: session id context now includes certificate hash.
stable-1.6
|
| Mon, 15 Sep 2014 17:59:47 +0400 |
Maxim Dounin |
SSL: session id context now includes certificate hash.
|
| Wed, 03 Sep 2014 14:49:55 -0700 |
Piotr Sikora |
SSL: guard use of all SSL options for bug workarounds.
|
| Wed, 30 Jul 2014 04:32:16 -0700 |
Piotr Sikora |
SSL: let it build against LibreSSL.
|
| Wed, 30 Jul 2014 04:32:15 -0700 |
Piotr Sikora |
SSL: let it build against BoringSSL.
|
| Mon, 28 Jul 2014 12:27:57 -0700 |
Piotr Sikora |
SSL: fix build with OPENSSL_NO_ENGINE and/or OPENSSL_NO_OCSP.
|
| Mon, 28 Jul 2014 18:30:18 +0400 |
Maxim Dounin |
SSL: misplaced space in debug message.
|
| Wed, 09 Jul 2014 12:27:15 -0700 |
Piotr Sikora |
SSL: fix build with recent OpenSSL.
|
| Tue, 08 Jul 2014 03:03:14 -0700 |
Piotr Sikora |
Style: use ngx_memcpy() instead of memcpy().
|
| Sun, 06 Jul 2014 16:41:14 -0700 |
Piotr Sikora |
SSL: stop accessing SSL_SESSION's fields directly.
|
| Wed, 09 Jul 2014 04:08:13 +0400 |
Maxim Dounin |
SSL: fixed build with OPENSSL_NO_DEPRECATED defined.
|
| Sun, 06 Jul 2014 16:41:13 -0700 |
Piotr Sikora |
SSL: return temporary RSA key only when the key length matches.
|
| Fri, 04 Jul 2014 22:14:36 +0400 |
Maxim Dounin |
SSL: logging level of "peer closed connection in SSL handshake".
|
| Mon, 16 Jun 2014 19:43:25 +0400 |
Valentin Bartenev |
SSL: the "ssl_password_file" directive.
|
| Tue, 20 May 2014 14:03:03 +0400 |
Sergey Budnevitch |
SSL: $ssl_client_fingerprint variable.
|
| Wed, 23 Apr 2014 20:31:31 +0400 |
Maxim Dounin |
SSL: explicit handling of empty names.
|
| Tue, 22 Apr 2014 14:02:45 +0400 |
Maxim Dounin |
SSL: added explicit check for ngx_strlchr() result.
|
| Fri, 18 Apr 2014 20:13:30 +0400 |
Maxim Dounin |
Upstream: proxy_ssl_verify and friends.
|
| Fri, 18 Apr 2014 20:13:21 +0400 |
Maxim Dounin |
SSL: $ssl_server_name variable.
|
| Fri, 18 Apr 2014 20:13:14 +0400 |
Maxim Dounin |
SSL: fixed misuse of NGX_LOG_DEBUG_HTTP.
|
| Mon, 07 Apr 2014 18:55:57 +0400 |
Maxim Dounin |
Win32: fixed shared ssl_session_cache (ticket #528).
|
| Mon, 31 Mar 2014 21:38:30 +0400 |
Maxim Dounin |
Core: slab log_nomem flag.
|
| Tue, 11 Feb 2014 19:20:25 +0400 |
Maxim Dounin |
SSL: the $ssl_session_reused variable.
|
| Thu, 23 Jan 2014 18:32:26 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
stable-1.4
|
| Wed, 22 Jan 2014 16:05:06 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id variable.
stable-1.4
|
| Fri, 29 Nov 2013 17:16:06 +0400 |
Maxim Dounin |
SSL: fixed c->read->ready handling in ngx_ssl_recv().
stable-1.4
|
| Thu, 23 Jan 2014 18:32:26 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
|
| Wed, 22 Jan 2014 16:05:06 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id variable.
|
| Fri, 20 Dec 2013 16:18:25 +0400 |
Maxim Dounin |
SSL: ssl_buffer_size directive.
|
| Fri, 29 Nov 2013 17:16:06 +0400 |
Maxim Dounin |
SSL: fixed c->read->ready handling in ngx_ssl_recv().
|
| Fri, 11 Oct 2013 16:05:24 -0700 |
Piotr Sikora |
SSL: added ability to set keys used for Session Tickets (RFC5077).
|
| Mon, 14 Oct 2013 13:59:35 +0400 |
Maxim Dounin |
SSL: SSL_CTX_set_timeout() now always called.
|
| Mon, 14 Oct 2013 13:44:09 +0400 |
Maxim Dounin |
SSL: fixed build with OpenSSL 0.9.7.
|
| Fri, 27 Sep 2013 19:39:33 +0400 |
Maxim Dounin |
SSL: adjust buffer used by OpenSSL during handshake (ticket #413).
|
| Wed, 18 Sep 2013 16:51:30 -0700 |
Piotr Sikora |
SSL: fixed possible memory and file descriptor leak on HUP signal.
|
| Mon, 16 Sep 2013 14:24:38 -0700 |
Piotr Sikora |
SSL: guard use of SSL_OP_MSIE_SSLV2_RSA_PADDING.
|
| Wed, 04 Sep 2013 21:17:02 +0400 |
Maxim Dounin |
SSL: clear error queue after SSL_CTX_load_verify_locations().
|
| Tue, 20 Aug 2013 21:11:19 +0400 |
Maxim Dounin |
Backed out f1a91825730a and 7094bd12c1ff.
|
| Tue, 06 Aug 2013 19:58:40 +0400 |
Valentin Bartenev |
Replaced ngx_conf_full_name() with ngx_get_full_name().
|
| Tue, 21 May 2013 18:45:07 -0700 |
Piotr Sikora |
Style: replace SSL *ssl with ngx_ssl_conn_t *ssl_conn.
|
| Tue, 21 May 2013 18:43:43 -0700 |
Piotr Sikora |
Style: remove unnecessary references to HTTP from non-HTTP modules.
|
| Fri, 29 Mar 2013 17:17:45 +0000 |
Maxim Dounin |
Merge of r5082: SSL: retry "sess_id" and "id" allocations.
stable-1.2
|
| Sat, 23 Feb 2013 11:54:25 +0000 |
Maxim Dounin |
SSL: retry "sess_id" and "id" allocations.
|
| Mon, 11 Feb 2013 15:12:06 +0000 |
Maxim Dounin |
Merge of r5004, r5019-r5025: ssl fixes.
stable-1.2
|
| Fri, 01 Feb 2013 14:37:43 +0000 |
Maxim Dounin |
SSL: fixed ngx_ssl_handshake() with level-triggered event methods.
|
| Mon, 28 Jan 2013 15:41:12 +0000 |
Valentin Bartenev |
SSL: take into account data in the buffer while limiting output.
|
| Mon, 28 Jan 2013 15:40:25 +0000 |
Valentin Bartenev |
SSL: avoid calling SSL_write() with zero data size.
|
| Mon, 28 Jan 2013 15:38:36 +0000 |
Valentin Bartenev |
SSL: calculation of buffer size moved closer to its usage.
|
| Mon, 28 Jan 2013 15:37:11 +0000 |
Valentin Bartenev |
SSL: preservation of flush flag for buffered data.
|
| Mon, 28 Jan 2013 15:35:12 +0000 |
Valentin Bartenev |
SSL: resetting of flush flag after the data was written.
|
| Mon, 28 Jan 2013 15:34:09 +0000 |
Valentin Bartenev |
SSL: removed conditions that always hold true.
|
| Wed, 09 Jan 2013 14:11:48 +0000 |
Maxim Dounin |
SSL: speedup loading of configs with many ssl servers.
|
| Mon, 12 Nov 2012 18:00:32 +0000 |
Maxim Dounin |
Merge of r4868, r4869: SSL minor fixes.
stable-1.2
|
| Mon, 01 Oct 2012 12:50:36 +0000 |
Maxim Dounin |
OCSP stapling: log error data in ngx_ssl_error().
|
| Mon, 01 Oct 2012 12:47:55 +0000 |
Maxim Dounin |
OCSP stapling: loading OCSP responses.
|
| Mon, 01 Oct 2012 12:39:36 +0000 |
Maxim Dounin |
OCSP stapling: ssl_trusted_certificate directive.
|
