Tue, 25 Sep 2018 14:07:59 +0300 |
Ruslan Ermilov |
SSL: fixed unlocked access to sess_id->len.
|
Tue, 25 Sep 2018 14:00:04 +0300 |
Maxim Dounin |
SSL: logging level of "no suitable signature algorithm".
|
Tue, 25 Sep 2018 13:59:53 +0300 |
Maxim Dounin |
SSL: logging level of "no suitable key share".
|
Fri, 21 Sep 2018 20:49:12 +0300 |
Sergey Kandaurov |
SSL: support for TLSv1.3 early data with OpenSSL.
|
Fri, 21 Sep 2018 20:31:32 +0300 |
Maxim Dounin |
SSL: disabled renegotiation checks with SSL_OP_NO_RENEGOTIATION.
|
Mon, 10 Sep 2018 18:57:39 +0300 |
Maxim Dounin |
SSL: restore handlers after blocking.
|
Mon, 10 Sep 2018 18:57:19 +0300 |
Maxim Dounin |
SSL: corrected SSL_ERROR_WANT_WRITE / SSL_ERROR_WANT_READ logging.
|
Tue, 07 Aug 2018 02:16:07 +0300 |
Maxim Dounin |
SSL: support for TLSv1.3 early data with BoringSSL.
|
Tue, 07 Aug 2018 02:15:28 +0300 |
Maxim Dounin |
SSL: enabled TLSv1.3 with BoringSSL.
|
Tue, 17 Jul 2018 12:53:23 +0300 |
Sergey Kandaurov |
SSL: save sessions for upstream peers using a callback function.
|
Mon, 16 Jul 2018 17:47:48 +0300 |
Maxim Dounin |
SSL: use of the SSL_OP_NO_RENEGOTIATION option (ticket #1376).
|
Mon, 16 Jul 2018 17:47:20 +0300 |
Maxim Dounin |
SSL: fixed SSL_clear_options() usage with OpenSSL 1.1.0+.
|
Mon, 16 Jul 2018 17:47:18 +0300 |
Maxim Dounin |
SSL: logging levels of "unsupported protocol", "version too low".
|
Thu, 05 Jul 2018 20:45:29 +0300 |
Maxim Dounin |
SSL: logging level of "https proxy request" errors.
|
Wed, 06 Jun 2018 13:31:05 +0300 |
Sergey Kandaurov |
SSL: removed extra prototype.
|
Tue, 22 Aug 2017 17:36:12 +0300 |
Maxim Dounin |
SSL: fixed possible use-after-free in $ssl_server_name.
|
Tue, 22 Aug 2017 15:18:10 +0300 |
Maxim Dounin |
SSL: the $ssl_client_escaped_cert variable (ticket #857).
|
Wed, 09 Aug 2017 15:03:27 +0300 |
Sergey Kandaurov |
Fixed calls to ngx_open_file() in certain places.
|
Wed, 09 Aug 2017 14:59:46 +0300 |
Sergey Kandaurov |
Style.
|
Tue, 25 Jul 2017 17:21:59 +0300 |
Sergey Kandaurov |
SSL: fixed typo in the error message.
|
Wed, 03 May 2017 15:15:56 +0300 |
Sergey Kandaurov |
SSL: allowed renegotiation in client mode with OpenSSL < 1.1.0.
|
Tue, 18 Apr 2017 16:08:46 +0300 |
Sergey Kandaurov |
SSL: compatibility with OpenSSL master branch.
|
Tue, 18 Apr 2017 16:08:44 +0300 |
Sergey Kandaurov |
SSL: disabled renegotiation detection in client mode.
|
Tue, 18 Apr 2017 15:12:38 +0300 |
Sergey Kandaurov |
SSL: added support for TLSv1.3 in ssl_protocols directive.
|
Mon, 06 Feb 2017 18:38:06 +0300 |
Sergey Kandaurov |
SSL: clear error queue after OPENSSL_init_ssl().
|
Fri, 23 Dec 2016 17:28:20 +0300 |
Maxim Dounin |
SSL: support AES256 encryption of tickets.
|
Thu, 15 Dec 2016 19:00:23 +0300 |
Maxim Dounin |
SSL: backed out changeset e7cb5deb951d, reimplemented properly.
|
Tue, 13 Dec 2016 14:19:30 -0800 |
Piotr Sikora |
SSL: fix call to BIO_get_mem_data().
|
Mon, 05 Dec 2016 22:23:23 +0300 |
Maxim Dounin |
SSL: $ssl_curves (ticket #1088).
|
Mon, 05 Dec 2016 22:23:23 +0300 |
Maxim Dounin |
SSL: $ssl_ciphers (ticket #870).
|
Mon, 05 Dec 2016 22:23:23 +0300 |
Maxim Dounin |
SSL: $ssl_client_v_start, $ssl_client_v_end, $ssl_client_v_remain.
|
Mon, 05 Dec 2016 22:23:22 +0300 |
Maxim Dounin |
SSL: $ssl_client_verify extended with a failure reason.
|
Mon, 05 Dec 2016 22:23:22 +0300 |
Maxim Dounin |
OCSP stapling: added certificate name to warnings.
|
Fri, 21 Oct 2016 16:28:39 +0300 |
Dmitry Volyntsev |
SSL: RFC2253 compliant $ssl_client_s_dn and $ssl_client_i_dn.
|
Tue, 18 Oct 2016 20:46:06 +0300 |
Valentin Bartenev |
SSL: overcame possible buffer over-read in ngx_ssl_error().
|
Tue, 18 Oct 2016 17:25:38 +0300 |
Maxim Dounin |
SSL: default DH parameters compatible with OpenSSL 1.1.0.
stable-1.10
|
Mon, 22 Aug 2016 18:53:21 +0300 |
Sergey Kandaurov |
SSL: adopted session ticket handling for OpenSSL 1.1.0.
stable-1.10
|
Mon, 08 Aug 2016 13:44:49 +0300 |
Sergey Kandaurov |
SSL: guarded SSL_R_NO_CIPHERS_PASSED not present in OpenSSL 1.1.0.
stable-1.10
|
Tue, 04 Oct 2016 17:26:45 +0300 |
Maxim Dounin |
SSL: use X509_check_host() with LibreSSL.
|
Tue, 20 Sep 2016 15:07:16 +0300 |
Valentin Bartenev |
Fixed log levels of configuration parsing errors.
|
Mon, 12 Sep 2016 18:57:42 +0300 |
Sergey Kandaurov |
SSL: improved session ticket callback error handling.
|
Mon, 12 Sep 2016 18:57:42 +0300 |
Sergey Kandaurov |
SSL: factored out digest and cipher in session ticket callback.
|
Mon, 22 Aug 2016 18:53:21 +0300 |
Sergey Kandaurov |
SSL: adopted session ticket handling for OpenSSL 1.1.0.
|
Thu, 18 Aug 2016 14:49:48 -0700 |
Piotr Sikora |
SSL: remove no longer needed workaround for BoringSSL.
|
Mon, 08 Aug 2016 13:44:49 +0300 |
Sergey Kandaurov |
SSL: guarded SSL_R_NO_CIPHERS_PASSED not present in OpenSSL 1.1.0.
|
Wed, 15 Jun 2016 21:05:30 +0100 |
Tim Taubert |
SSL: ngx_ssl_ciphers() to set list of ciphers.
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: removed default DH parameters.
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: support for multiple curves (ticket #885).
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: style.
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: error messages style.
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: support for multiple certificates (ticket #814).
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: support for per-certificate chains.
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
SSL: made it possible to iterate though all certificates.
|
Thu, 19 May 2016 14:46:32 +0300 |
Maxim Dounin |
OCSP stapling: staple now stored in certificate, not SSL context.
|
Thu, 31 Mar 2016 23:38:36 +0300 |
Sergey Kandaurov |
SSL: EVP_MD_CTX was made opaque in OpenSSL 1.1.0.
|
Thu, 31 Mar 2016 23:38:34 +0300 |
Maxim Dounin |
SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.
|
Thu, 31 Mar 2016 23:38:33 +0300 |
Maxim Dounin |
SSL: initialization changes for OpenSSL 1.1.0.
|
Thu, 31 Mar 2016 23:38:32 +0300 |
Maxim Dounin |
SSL: get_session callback changed in OpenSSL 1.1.0.
|
Thu, 31 Mar 2016 23:38:31 +0300 |
Maxim Dounin |
SSL: guarded error codes not present in OpenSSL 1.1.0.
|
Thu, 31 Mar 2016 23:38:29 +0300 |
Maxim Dounin |
SSL: reasonable version for LibreSSL.
|
Thu, 31 Mar 2016 02:33:57 +0300 |
Sergey Kandaurov |
Fixed logging.
|
Wed, 30 Mar 2016 11:52:16 +0300 |
Ruslan Ermilov |
Style.
|
Fri, 19 Feb 2016 17:27:30 +0300 |
Maxim Dounin |
SSL: avoid calling SSL_shutdown() during handshake (ticket #901).
|
Fri, 19 Feb 2016 17:27:23 +0300 |
Maxim Dounin |
SSL: fixed SSL_shutdown() comment.
|
Mon, 19 Oct 2015 21:22:38 +0300 |
Maxim Dounin |
SSL: preserve default server context in connection (ticket #235).
stable-1.8
|
Mon, 19 Oct 2015 21:22:38 +0300 |
Maxim Dounin |
SSL: preserve default server context in connection (ticket #235).
|
Wed, 07 Oct 2015 22:19:42 +0300 |
Vladimir Homutov |
SSL: handled long string truncation in ngx_ssl_error().
|
Thu, 24 Sep 2015 17:19:08 +0300 |
Maxim Dounin |
SSL: compatibility with OpenSSL master branch.
|
Mon, 17 Nov 2014 16:38:48 +0300 |
Maxim Dounin |
SSL: logging level of "inappropriate fallback" (ticket #662).
stable-1.6
|
Mon, 23 Mar 2015 02:42:35 +0300 |
Maxim Dounin |
SSL: use of SSL_MODE_NO_AUTO_CHAIN.
|
Mon, 23 Mar 2015 02:42:32 +0300 |
Maxim Dounin |
SSL: clear protocol options.
|
Tue, 24 Feb 2015 23:52:47 +0300 |
Ruslan Ermilov |
SSL: account sent bytes in ngx_ssl_write().
|
Wed, 17 Dec 2014 15:12:50 +0100 |
Lukas Tribus |
SSL: safeguard use of SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS.
|
Mon, 04 Aug 2014 11:03:20 +0400 |
Dmitrii Pichulin |
SSL: loading certificate keys via ENGINE_load_private_key().
|
Mon, 17 Nov 2014 16:38:48 +0300 |
Maxim Dounin |
SSL: logging level of "inappropriate fallback" (ticket #662).
|
Fri, 24 Oct 2014 04:28:00 -0700 |
Sergey Kandaurov |
SSL: simplified ssl_password_file error handling.
|
Tue, 28 Oct 2014 12:29:58 +0300 |
Roman Arutyunyan |
Core: added limit to recv_chain().
|
Mon, 15 Sep 2014 17:59:47 +0400 |
Maxim Dounin |
SSL: session id context now includes certificate hash.
stable-1.6
|
Mon, 15 Sep 2014 17:59:47 +0400 |
Maxim Dounin |
SSL: session id context now includes certificate hash.
|
Wed, 03 Sep 2014 14:49:55 -0700 |
Piotr Sikora |
SSL: guard use of all SSL options for bug workarounds.
|
Wed, 30 Jul 2014 04:32:16 -0700 |
Piotr Sikora |
SSL: let it build against LibreSSL.
|
Wed, 30 Jul 2014 04:32:15 -0700 |
Piotr Sikora |
SSL: let it build against BoringSSL.
|
Mon, 28 Jul 2014 12:27:57 -0700 |
Piotr Sikora |
SSL: fix build with OPENSSL_NO_ENGINE and/or OPENSSL_NO_OCSP.
|
Mon, 28 Jul 2014 18:30:18 +0400 |
Maxim Dounin |
SSL: misplaced space in debug message.
|
Wed, 09 Jul 2014 12:27:15 -0700 |
Piotr Sikora |
SSL: fix build with recent OpenSSL.
|
Tue, 08 Jul 2014 03:03:14 -0700 |
Piotr Sikora |
Style: use ngx_memcpy() instead of memcpy().
|
Sun, 06 Jul 2014 16:41:14 -0700 |
Piotr Sikora |
SSL: stop accessing SSL_SESSION's fields directly.
|
Wed, 09 Jul 2014 04:08:13 +0400 |
Maxim Dounin |
SSL: fixed build with OPENSSL_NO_DEPRECATED defined.
|
Sun, 06 Jul 2014 16:41:13 -0700 |
Piotr Sikora |
SSL: return temporary RSA key only when the key length matches.
|
Fri, 04 Jul 2014 22:14:36 +0400 |
Maxim Dounin |
SSL: logging level of "peer closed connection in SSL handshake".
|
Mon, 16 Jun 2014 19:43:25 +0400 |
Valentin Bartenev |
SSL: the "ssl_password_file" directive.
|
Tue, 20 May 2014 14:03:03 +0400 |
Sergey Budnevitch |
SSL: $ssl_client_fingerprint variable.
|
Wed, 23 Apr 2014 20:31:31 +0400 |
Maxim Dounin |
SSL: explicit handling of empty names.
|
Tue, 22 Apr 2014 14:02:45 +0400 |
Maxim Dounin |
SSL: added explicit check for ngx_strlchr() result.
|
Fri, 18 Apr 2014 20:13:30 +0400 |
Maxim Dounin |
Upstream: proxy_ssl_verify and friends.
|
Fri, 18 Apr 2014 20:13:21 +0400 |
Maxim Dounin |
SSL: $ssl_server_name variable.
|
Fri, 18 Apr 2014 20:13:14 +0400 |
Maxim Dounin |
SSL: fixed misuse of NGX_LOG_DEBUG_HTTP.
|
Mon, 07 Apr 2014 18:55:57 +0400 |
Maxim Dounin |
Win32: fixed shared ssl_session_cache (ticket #528).
|
Mon, 31 Mar 2014 21:38:30 +0400 |
Maxim Dounin |
Core: slab log_nomem flag.
|
Tue, 11 Feb 2014 19:20:25 +0400 |
Maxim Dounin |
SSL: the $ssl_session_reused variable.
|
Thu, 23 Jan 2014 18:32:26 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
stable-1.4
|
Wed, 22 Jan 2014 16:05:06 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id variable.
stable-1.4
|
Fri, 29 Nov 2013 17:16:06 +0400 |
Maxim Dounin |
SSL: fixed c->read->ready handling in ngx_ssl_recv().
stable-1.4
|
Thu, 23 Jan 2014 18:32:26 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
|
Wed, 22 Jan 2014 16:05:06 +0400 |
Maxim Dounin |
SSL: fixed $ssl_session_id variable.
|
Fri, 20 Dec 2013 16:18:25 +0400 |
Maxim Dounin |
SSL: ssl_buffer_size directive.
|
Fri, 29 Nov 2013 17:16:06 +0400 |
Maxim Dounin |
SSL: fixed c->read->ready handling in ngx_ssl_recv().
|
Fri, 11 Oct 2013 16:05:24 -0700 |
Piotr Sikora |
SSL: added ability to set keys used for Session Tickets (RFC5077).
|
Mon, 14 Oct 2013 13:59:35 +0400 |
Maxim Dounin |
SSL: SSL_CTX_set_timeout() now always called.
|
Mon, 14 Oct 2013 13:44:09 +0400 |
Maxim Dounin |
SSL: fixed build with OpenSSL 0.9.7.
|
Fri, 27 Sep 2013 19:39:33 +0400 |
Maxim Dounin |
SSL: adjust buffer used by OpenSSL during handshake (ticket #413).
|
Wed, 18 Sep 2013 16:51:30 -0700 |
Piotr Sikora |
SSL: fixed possible memory and file descriptor leak on HUP signal.
|
Mon, 16 Sep 2013 14:24:38 -0700 |
Piotr Sikora |
SSL: guard use of SSL_OP_MSIE_SSLV2_RSA_PADDING.
|
Wed, 04 Sep 2013 21:17:02 +0400 |
Maxim Dounin |
SSL: clear error queue after SSL_CTX_load_verify_locations().
|
Tue, 20 Aug 2013 21:11:19 +0400 |
Maxim Dounin |
Backed out f1a91825730a and 7094bd12c1ff.
|
Tue, 06 Aug 2013 19:58:40 +0400 |
Valentin Bartenev |
Replaced ngx_conf_full_name() with ngx_get_full_name().
|
Tue, 21 May 2013 18:45:07 -0700 |
Piotr Sikora |
Style: replace SSL *ssl with ngx_ssl_conn_t *ssl_conn.
|
Tue, 21 May 2013 18:43:43 -0700 |
Piotr Sikora |
Style: remove unnecessary references to HTTP from non-HTTP modules.
|
Fri, 29 Mar 2013 17:17:45 +0000 |
Maxim Dounin |
Merge of r5082: SSL: retry "sess_id" and "id" allocations.
stable-1.2
|
Sat, 23 Feb 2013 11:54:25 +0000 |
Maxim Dounin |
SSL: retry "sess_id" and "id" allocations.
|
Mon, 11 Feb 2013 15:12:06 +0000 |
Maxim Dounin |
Merge of r5004, r5019-r5025: ssl fixes.
stable-1.2
|
Fri, 01 Feb 2013 14:37:43 +0000 |
Maxim Dounin |
SSL: fixed ngx_ssl_handshake() with level-triggered event methods.
|
Mon, 28 Jan 2013 15:41:12 +0000 |
Valentin Bartenev |
SSL: take into account data in the buffer while limiting output.
|
Mon, 28 Jan 2013 15:40:25 +0000 |
Valentin Bartenev |
SSL: avoid calling SSL_write() with zero data size.
|
Mon, 28 Jan 2013 15:38:36 +0000 |
Valentin Bartenev |
SSL: calculation of buffer size moved closer to its usage.
|
Mon, 28 Jan 2013 15:37:11 +0000 |
Valentin Bartenev |
SSL: preservation of flush flag for buffered data.
|
Mon, 28 Jan 2013 15:35:12 +0000 |
Valentin Bartenev |
SSL: resetting of flush flag after the data was written.
|
Mon, 28 Jan 2013 15:34:09 +0000 |
Valentin Bartenev |
SSL: removed conditions that always hold true.
|
Wed, 09 Jan 2013 14:11:48 +0000 |
Maxim Dounin |
SSL: speedup loading of configs with many ssl servers.
|
Mon, 12 Nov 2012 18:00:32 +0000 |
Maxim Dounin |
Merge of r4868, r4869: SSL minor fixes.
stable-1.2
|
Mon, 01 Oct 2012 12:50:36 +0000 |
Maxim Dounin |
OCSP stapling: log error data in ngx_ssl_error().
|
Mon, 01 Oct 2012 12:47:55 +0000 |
Maxim Dounin |
OCSP stapling: loading OCSP responses.
|
Mon, 01 Oct 2012 12:39:36 +0000 |
Maxim Dounin |
OCSP stapling: ssl_trusted_certificate directive.
|
Thu, 27 Sep 2012 18:01:06 +0000 |
Maxim Dounin |
SSL: added version checks for ssl compression workaround.
|
Thu, 27 Sep 2012 17:59:59 +0000 |
Maxim Dounin |
SSL: fixed compression workaround to remove all methods.
|
Wed, 20 Jun 2012 12:55:28 +0000 |
Igor Sysoev |
Disabled gzip compression in OpenSSL prior to 1.0.0 version.
|
Wed, 30 May 2012 12:43:27 +0000 |
Valentin Bartenev |
Removed mistaken setting of NGX_SSL_BUFFERED flag in ngx_ssl_send_chain()
|
Mon, 14 May 2012 16:30:33 +0000 |
Valentin Bartenev |
Update c->sent in ngx_ssl_send_chain() even if SSL buffer is not used.
|
Tue, 03 Apr 2012 07:37:31 +0000 |
Ruslan Ermilov |
Fixed spelling in multiline C comments.
|
Mon, 05 Mar 2012 18:09:06 +0000 |
Maxim Dounin |
Whitespace fixes.
|
Mon, 05 Mar 2012 13:26:40 +0000 |
Maxim Dounin |
Merge of r4500: fixed spelling in single-line comments.
stable-1.0
|
Mon, 05 Mar 2012 13:17:56 +0000 |
Maxim Dounin |
Merge of r4498:
stable-1.0
|
Tue, 28 Feb 2012 11:31:05 +0000 |
Ruslan Ermilov |
Fixed spelling in single-line comments.
|
Mon, 27 Feb 2012 22:15:39 +0000 |
Maxim Dounin |
Fix of rbtree lookup on hash collisions.
|
Sun, 05 Feb 2012 20:02:59 +0000 |
Maxim Dounin |
Merge of r4406, r4413: copyrights updated.
stable-1.0
|
Sun, 05 Feb 2012 19:15:09 +0000 |
Maxim Dounin |
Merge of r4401, r4415:
stable-1.0
|
Mon, 30 Jan 2012 07:38:27 +0000 |
Maxim Dounin |
Removed ENGINE_load_builtin_engines() call.
|
Wed, 18 Jan 2012 15:07:43 +0000 |
Maxim Konovalov |
Copyright updated.
|
Wed, 11 Jan 2012 11:15:00 +0000 |
Maxim Dounin |
Added support for TLSv1.1, TLSv1.2 in ssl_protocols directive.
|
Tue, 01 Nov 2011 13:00:30 +0000 |
Igor Sysoev |
Merging r4034, r4186, r4187, r4229, r4235, r4237:
stable-1.0
|
Mon, 31 Oct 2011 14:30:03 +0000 |
Igor Sysoev |
Silently ignoring a stale global SSL error left after disabled renegotiation.
|
Tue, 25 Oct 2011 15:04:09 +0000 |
Igor Sysoev |
Decrease of log level of some SSL handshake errors.
|
Fri, 07 Oct 2011 12:15:20 +0000 |
Igor Sysoev |
Releasing memory of idle SSL connection. This saves about 34K per SSL
|
Fri, 07 Oct 2011 10:59:02 +0000 |
Igor Sysoev |
Disabling SSL compression. This saves about 300K per SSL connection.
|
Fri, 30 Sep 2011 13:42:59 +0000 |
Igor Sysoev |
Merging r4010, r4065:
stable-1.0
|
Fri, 30 Sep 2011 13:36:33 +0000 |
Igor Sysoev |
Merging r3933, r4154:
stable-1.0
|
Thu, 01 Sep 2011 13:49:36 +0000 |
Maxim Dounin |
Proper SSL shutdown handling.
|
Mon, 29 Aug 2011 12:35:53 +0000 |
Igor Sysoev |
Merge of r3960, r3961, r3962, r3963, r3965:
stable-1.0
|
Thu, 04 Aug 2011 11:12:30 +0000 |
Igor Sysoev |
A new fix for the case when ssl_session_cache defined, but ssl is not
|
Fri, 22 Jul 2011 12:53:04 +0000 |
Igor Sysoev |
fix SSL connection issues on platforms with 32-bit off_t
|
Fri, 22 Jul 2011 10:43:50 +0000 |
Igor Sysoev |
fix build by gcc46 with -Wunused-value option
|
Wed, 20 Jul 2011 15:42:40 +0000 |
Igor Sysoev |
ECDHE support
|
Wed, 20 Jul 2011 12:59:24 +0000 |
Igor Sysoev |
MSIE export versions are rare now, so RSA 512 key is generated on demand
|
Thu, 20 Jan 2011 12:33:17 +0000 |
Igor Sysoev |
fix building on Fedora 14
|
Mon, 06 Dec 2010 11:17:03 +0000 |
Igor Sysoev |
remove SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG becuase of CVE-2010-4180
|
Thu, 29 Jul 2010 09:30:15 +0000 |
Igor Sysoev |
decrease SSL handshake error level to info
|
Mon, 07 Jun 2010 11:55:20 +0000 |
Igor Sysoev |
merge r3489, r3493:
stable-0.7
|
Mon, 07 Jun 2010 10:09:14 +0000 |
Igor Sysoev |
merge r3456, r3458, r3465:
stable-0.7
|
Fri, 14 May 2010 09:56:37 +0000 |
Igor Sysoev |
ngx_str_set() and ngx_str_null()
|
Thu, 01 Apr 2010 15:18:29 +0000 |
Igor Sysoev |
MSVC8 compatibility with OpenSSL 1.0.0
|
Wed, 03 Mar 2010 16:23:14 +0000 |
Igor Sysoev |
add OpenSSL_add_all_algorithms(), this fixes the error
|
Tue, 02 Mar 2010 08:41:47 +0000 |
Igor Sysoev |
Set SSL session context for "ssl_session_cache none".
|
Fri, 19 Feb 2010 20:54:58 +0000 |
Igor Sysoev |
decrease SSL handshake error level to info
|
Mon, 01 Feb 2010 15:20:43 +0000 |
Igor Sysoev |
merge r3283, r3284:
stable-0.7
|
Mon, 01 Feb 2010 14:39:16 +0000 |
Igor Sysoev |
merge r3155, r3156, r3160, r969, r3191, r3197, r3358:
stable-0.7
|
Mon, 23 Nov 2009 14:09:57 +0000 |
Igor Sysoev |
decrease SSL handshake error level to info
|
Mon, 16 Nov 2009 15:24:39 +0000 |
Igor Sysoev |
r3301 merge:
stable-0.7
|
Wed, 11 Nov 2009 10:59:07 +0000 |
Igor Sysoev |
disable SSL renegotiation (CVE-2009-3555)
|
Tue, 03 Nov 2009 15:38:33 +0000 |
Igor Sysoev |
fix segfault in SSL if limit_rate is used
|
Mon, 26 Oct 2009 16:53:34 +0000 |
Igor Sysoev |
merge r2995, r2996, r2997, r2998, r3003, r3141, r3210, r3211, r3232:
stable-0.7
|
Thu, 24 Sep 2009 20:09:12 +0000 |
Igor Sysoev |
fix r3155
|
Thu, 24 Sep 2009 14:47:10 +0000 |
Igor Sysoev |
fix debug log message
|
Thu, 24 Sep 2009 14:45:28 +0000 |
Igor Sysoev |
$ssl_session_id
|
Mon, 27 Jul 2009 11:51:12 +0000 |
Igor Sysoev |
fix memory corruption in $ssl_client_cert
|
Thu, 23 Jul 2009 12:59:11 +0000 |
Igor Sysoev |
delete ancient define
|
Thu, 23 Jul 2009 12:54:20 +0000 |
Igor Sysoev |
delete OpenSSL pre-0.9.7 compatibility: the sources were not actually
|
Thu, 23 Jul 2009 12:21:26 +0000 |
Igor Sysoev |
ssl_crl
|
Wed, 22 Jul 2009 17:41:42 +0000 |
Igor Sysoev |
*) $ssl_client_verify
|
Tue, 02 Jun 2009 16:09:44 +0000 |
Igor Sysoev |
return NULL instead of NGX_CONF_ERROR on a create conf failure
|
Mon, 27 Apr 2009 13:06:20 +0000 |
Igor Sysoev |
use ngx_vslprintf(), ngx_slprintf()
|
Sat, 18 Apr 2009 19:27:28 +0000 |
Igor Sysoev |
support attaching to an existent Win32 shared memory
|
Thu, 16 Apr 2009 19:25:09 +0000 |
Igor Sysoev |
move zone name from ngx_shm_zone_t to ngx_shm_t to use Win32 shared memory
|
Wed, 15 Apr 2009 19:28:10 +0000 |
Igor Sysoev |
fix building by MSVC8
|
Wed, 01 Apr 2009 16:32:47 +0000 |
Igor Sysoev |
r2505 merge:
stable-0.6
|
Fri, 27 Mar 2009 17:00:42 +0000 |
Igor Sysoev |
improve ngx_slab_alloc() error logging
|
Tue, 24 Feb 2009 10:42:23 +0000 |
Igor Sysoev |
small optimization: " == NGX_ERROR" > " != NGX_OK"
|
Mon, 16 Feb 2009 13:37:58 +0000 |
Igor Sysoev |
load SSL engine before certificates,
|
Tue, 09 Dec 2008 17:27:48 +0000 |
Igor Sysoev |
use "!= NGX_OK" instead of "== NGX_ERROR"
|
Thu, 20 Nov 2008 17:20:15 +0000 |
Igor Sysoev |
r2281 merge:
stable-0.6
|
Tue, 18 Nov 2008 16:05:00 +0000 |
Igor Sysoev |
low some SSL handshake errors level
|
Thu, 23 Oct 2008 05:58:10 +0000 |
Igor Sysoev |
always use buffer, if connection is buffered,
|
Tue, 12 Aug 2008 12:04:49 +0000 |
Igor Sysoev |
backout both r2162 and r2128 and implement a new fix
|
Mon, 11 Aug 2008 15:25:40 +0000 |
Igor Sysoev |
SSL connection readiness is required for level-triggered events only,
|
Wed, 30 Jul 2008 06:12:30 +0000 |
Igor Sysoev |
update connection readiness after SSL handshake,
|
Tue, 29 Jul 2008 14:29:02 +0000 |
Igor Sysoev |
*) ssl_verify_client ask
|
Mon, 07 Jul 2008 11:30:24 +0000 |
Igor Sysoev |
r2053 merge:
stable-0.6
|
Fri, 20 Jun 2008 14:42:54 +0000 |
Igor Sysoev |
fix "proxy_pass https://..." broken in r1427
|
Tue, 17 Jun 2008 15:00:30 +0000 |
Igor Sysoev |
*) back out r2040
|
Mon, 16 Jun 2008 05:54:18 +0000 |
Igor Sysoev |
$ssl_client_cert
|
Mon, 16 Jun 2008 05:51:32 +0000 |
Igor Sysoev |
DH parameters, ssl_dhparam
|
Mon, 26 May 2008 07:14:13 +0000 |
Igor Sysoev |
ssl_session_cache none
|
Sun, 04 May 2008 09:47:59 +0000 |
Igor Sysoev |
r1862, r1866, r1869, r1874 merge:
stable-0.5
|
Mon, 28 Apr 2008 08:52:32 +0000 |
Igor Sysoev |
get certificate info only for debug build
|
Mon, 28 Apr 2008 08:50:39 +0000 |
Igor Sysoev |
fix memory leak when ssl_verify_client is on
|
Wed, 23 Apr 2008 18:57:25 +0000 |
Igor Sysoev |
fix memory leak when ssl_verify_client is on
|
Tue, 18 Mar 2008 10:35:00 +0000 |
Igor Sysoev |
low some SSL handshake errors level
|
Mon, 10 Mar 2008 14:47:07 +0000 |
Igor Sysoev |
invalidate SSL session if there is no valid client certificate
|
Mon, 04 Feb 2008 20:46:58 +0000 |
Igor Sysoev |
low SSL handshake close notify alert error level
|
Fri, 01 Feb 2008 14:05:18 +0000 |
Igor Sysoev |
low SSL handshake errors level
|
Thu, 31 Jan 2008 15:10:45 +0000 |
Igor Sysoev |
backout r1757, we really need SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
|
Fri, 25 Jan 2008 14:57:35 +0000 |
Igor Sysoev |
add NGX_ENETDOWN, NGX_ENETUNREACH, and NGX_EHOSTDOWN
|
Fri, 25 Jan 2008 14:56:37 +0000 |
Igor Sysoev |
pull all errors
|
Tue, 22 Jan 2008 16:04:35 +0000 |
Igor Sysoev |
fix bogus crit log message "SSL_shutdown() failed" introduced in r1755
|
Thu, 10 Jan 2008 08:45:00 +0000 |
Igor Sysoev |
pull all errors
|
Thu, 10 Jan 2008 08:36:14 +0000 |
Igor Sysoev |
grammar fix
|
Tue, 08 Jan 2008 17:30:39 +0000 |
Igor Sysoev |
r1755, r1756, r1757 merge:
stable-0.5
|
Thu, 27 Dec 2007 18:35:52 +0000 |
Igor Sysoev |
fix segfault introduced in r1780
|
Wed, 26 Dec 2007 21:07:30 +0000 |
Igor Sysoev |
create ssl buffer on demand and free it before keep-alive
|
Wed, 26 Dec 2007 20:27:22 +0000 |
Igor Sysoev |
ssl_session_cache off
|
Thu, 20 Dec 2007 21:01:00 +0000 |
Igor Sysoev |
use ngx_queue.h
|
Thu, 20 Dec 2007 20:35:23 +0000 |
Igor Sysoev |
embed session_rbtree and sentinel inside ngx_ssl_session_cache_t
|
Thu, 20 Dec 2007 20:30:45 +0000 |
Igor Sysoev |
omit useless test
|
Thu, 20 Dec 2007 20:11:45 +0000 |
Igor Sysoev |
use ngx_time() instead of ngx_timeofday()
|
Thu, 20 Dec 2007 13:49:07 +0000 |
Igor Sysoev |
remove SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER, we never need it,
|
Thu, 20 Dec 2007 13:04:20 +0000 |
Igor Sysoev |
cleaning stale global SSL error
|
Thu, 20 Dec 2007 12:59:05 +0000 |
Igor Sysoev |
SSL_shutdown() never returns -1, on error it returns 0.
|
Mon, 17 Dec 2007 08:52:00 +0000 |
Igor Sysoev |
optimize rbtree initialization and insert
|
Wed, 07 Nov 2007 13:54:40 +0000 |
Igor Sysoev |
r1355, r1471, r1600 merge:
stable-0.5
|
Sat, 01 Sep 2007 09:55:04 +0000 |
Igor Sysoev |
r1440 merge:
stable-0.5
|
Fri, 31 Aug 2007 09:22:53 +0000 |
Igor Sysoev |
style fix
|
Mon, 27 Aug 2007 19:44:35 +0000 |
Igor Sysoev |
do not set read->eof, ready, and error prematurely
|
Mon, 27 Aug 2007 15:01:08 +0000 |
Igor Sysoev |
mark connection as not ready, this fixes endless loop introduced in r1368
|
Sun, 29 Jul 2007 18:24:53 +0000 |
Igor Sysoev |
make 64-bit ngx_int_t on 64-bit platforms
|
Sun, 29 Jul 2007 18:05:45 +0000 |
Igor Sysoev |
--sysconfdir=DIR
|
Wed, 23 May 2007 18:28:54 +0000 |
Igor Sysoev |
style fix
|
Sat, 31 Mar 2007 19:48:48 +0000 |
Igor Sysoev |
ngx_ssl_recv_chain() must not update buf->last,
|
Thu, 18 Jan 2007 19:40:31 +0000 |
Igor Sysoev |
style fix: remove trailing spaces
|
Fri, 12 Jan 2007 21:58:02 +0000 |
Igor Sysoev |
ngx_strn2cmp() > ngx_memn2cmp()
|
Fri, 12 Jan 2007 20:57:34 +0000 |
Igor Sysoev |
fix duplicate rbtree keys case
|
Fri, 12 Jan 2007 20:26:39 +0000 |
Igor Sysoev |
style fix: remove tabs
|
Thu, 11 Jan 2007 18:59:17 +0000 |
Igor Sysoev |
optimize the SSL session cache allocations on 64-bit platforms
|
Thu, 11 Jan 2007 18:57:09 +0000 |
Igor Sysoev |
ssl_session_timeout was set only if builtin cache was used
|
Thu, 11 Jan 2007 17:39:02 +0000 |
Igor Sysoev |
optimize the SSL session cache allocations
|
Thu, 11 Jan 2007 17:05:18 +0000 |
Igor Sysoev |
stop rbtree search early if equal hash was found
|
Tue, 09 Jan 2007 15:59:20 +0000 |
Igor Sysoev |
pass the inherited shm_zone data
|
Mon, 08 Jan 2007 16:20:33 +0000 |
Igor Sysoev |
d2i_SSL_SESSION() was changed in 0.9.7f
|
Wed, 03 Jan 2007 15:25:40 +0000 |
Igor Sysoev |
move the session cache callbacks to the ngx_openssl_module
|
Tue, 02 Jan 2007 23:37:25 +0000 |
Igor Sysoev |
ngx_ssl_get_server_conf()
|
Tue, 02 Jan 2007 23:32:41 +0000 |
Igor Sysoev |
OPENSSL_config()
|
Wed, 09 Aug 2006 19:59:45 +0000 |
Igor Sysoev |
nginx-0.3.57-RELEASE import
release-0.3.57
|
Sat, 06 May 2006 16:28:56 +0000 |
Igor Sysoev |
nginx-0.3.45-RELEASE import
release-0.3.45
|
Wed, 08 Feb 2006 15:33:12 +0000 |
Igor Sysoev |
nginx-0.3.27-RELEASE import
release-0.3.27
|
Wed, 11 Jan 2006 15:26:57 +0000 |
Igor Sysoev |
nginx-0.3.20-RELEASE import
release-0.3.20
|
Sun, 18 Dec 2005 16:02:44 +0000 |
Igor Sysoev |
nginx-0.3.17-RELEASE import
release-0.3.17
|
Fri, 16 Dec 2005 15:07:08 +0000 |
Igor Sysoev |
nginx-0.3.16-RELEASE import
release-0.3.16
|
Mon, 05 Dec 2005 13:18:09 +0000 |
Igor Sysoev |
nginx-0.3.13-RELEASE import
release-0.3.13
|
Tue, 15 Nov 2005 13:30:52 +0000 |
Igor Sysoev |
nginx-0.3.10-RELEASE import
release-0.3.10
|
Thu, 27 Oct 2005 15:46:13 +0000 |
Igor Sysoev |
nginx-0.3.7-RELEASE import
release-0.3.7
|
Wed, 19 Oct 2005 12:33:58 +0000 |
Igor Sysoev |
nginx-0.3.3-RELEASE import
release-0.3.3
|
Mon, 10 Oct 2005 12:59:41 +0000 |
Igor Sysoev |
nginx-0.3.1-RELEASE import
release-0.3.1
|
Fri, 30 Sep 2005 16:02:34 +0000 |
Igor Sysoev |
nginx-0.2.3-RELEASE import
release-0.2.3
|
Fri, 30 Sep 2005 14:41:25 +0000 |
Igor Sysoev |
nginx-0.2.2-RELEASE import
release-0.2.2
|
Fri, 23 Sep 2005 11:02:22 +0000 |
Igor Sysoev |
nginx-0.2.0-RELEASE import
release-0.2.0
|
Thu, 08 Sep 2005 14:36:09 +0000 |
Igor Sysoev |
nginx-0.1.45-RELEASE import
release-0.1.45
|
Tue, 06 Sep 2005 16:09:32 +0000 |
Igor Sysoev |
nginx-0.1.44-RELEASE import
release-0.1.44
|
Mon, 16 May 2005 13:53:20 +0000 |
Igor Sysoev |
nginx-0.1.31-RELEASE import
release-0.1.31
|
Sat, 14 May 2005 18:42:03 +0000 |
Igor Sysoev |
nginx-0.1.30-RELEASE import
release-0.1.30
|
Thu, 12 May 2005 14:58:06 +0000 |
Igor Sysoev |
nginx-0.1.29-RELEASE import
release-0.1.29
|
Sat, 19 Mar 2005 12:38:37 +0000 |
Igor Sysoev |
nginx-0.1.25-RELEASE import
release-0.1.25
|
Thu, 17 Feb 2005 11:59:36 +0000 |
Igor Sysoev |
nginx-0.1.20-RELEASE import
release-0.1.20
|
Wed, 16 Feb 2005 13:40:36 +0000 |
Igor Sysoev |
nginx-0.1.19-RELEASE import
release-0.1.19
|
Tue, 18 Jan 2005 13:03:58 +0000 |
Igor Sysoev |
nginx-0.1.14-RELEASE import
release-0.1.14
|
Thu, 02 Dec 2004 18:40:46 +0000 |
Igor Sysoev |
nginx-0.1.11-RELEASE import
release-0.1.11
|
Thu, 25 Nov 2004 16:17:31 +0000 |
Igor Sysoev |
nginx-0.1.9-RELEASE import
release-0.1.9
|
Thu, 11 Nov 2004 14:07:14 +0000 |
Igor Sysoev |
nginx-0.1.5-RELEASE import
release-0.1.5
|
Thu, 21 Oct 2004 15:34:38 +0000 |
Igor Sysoev |
nginx-0.1.2-RELEASE import
release-0.1.2
|
Mon, 11 Oct 2004 15:07:03 +0000 |
Igor Sysoev |
nginx-0.1.1-RELEASE import
release-0.1.1
|
Thu, 30 Sep 2004 06:38:49 +0000 |
Igor Sysoev |
nginx-0.1.0-2004-09-30-10:38:49 import
|
Wed, 29 Sep 2004 16:00:49 +0000 |
Igor Sysoev |
nginx-0.1.0-2004-09-29-20:00:49 import; remove years from copyright
|
Tue, 28 Sep 2004 08:34:51 +0000 |
Igor Sysoev |
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
|
Sun, 25 Jul 2004 18:34:14 +0000 |
Igor Sysoev |
nginx-0.0.7-2004-07-25-22:34:14 import
|
Fri, 23 Jul 2004 17:05:37 +0000 |
Igor Sysoev |
nginx-0.0.7-2004-07-23-21:05:37 import
|
Fri, 23 Jul 2004 05:37:29 +0000 |
Igor Sysoev |
nginx-0.0.7-2004-07-23-09:37:29 import
|
Sun, 18 Jul 2004 19:11:20 +0000 |
Igor Sysoev |
nginx-0.0.7-2004-07-18-23:11:20 import
|
Fri, 16 Jul 2004 17:11:43 +0000 |
Igor Sysoev |
nginx-0.0.7-2004-07-16-21:11:43 import
|
Fri, 16 Jul 2004 06:33:35 +0000 |
Igor Sysoev |
nginx-0.0.7-2004-07-16-10:33:35 import
|
Thu, 15 Jul 2004 16:35:51 +0000 |
Igor Sysoev |
nginx-0.0.7-2004-07-15-20:35:51 import
|