0cf6848646
clang-format-3.9
2016-10-15 18:36:04 +09:00
5db8473f12
Fix build error with OpenSSL < 1.0.2 (again)
2016-10-09 19:34:32 +09:00
00b89f10bd
Fix build error with OpenSSL < 1.0.2
2016-10-09 18:54:18 +09:00
412c8f9e67
nghttpx: Add TLS signed_certificate_timestamp extension support
2016-10-09 18:43:36 +09:00
1b4ccd0d51
nghttpx: Don't call get_config() repeatedly
2016-10-08 11:37:18 +09:00
8babaac8c3
nghttpx: Add --ecdh-curves option to specify list of named curves
...
This option requires OpenSSL >= 1.0.2. With OpenSSL 1.0.2, the
default value is "P-256". With OpenSSL 1.1.0 or later, the default
value is "X25519:P-256".
2016-10-08 10:50:56 +09:00
97843e3874
nghttpx: Use StringRef for tls_proto_list
2016-10-03 22:09:45 +09:00
5dd2704051
nghttpx: Use StringRef for tls.npn_list
2016-10-03 22:09:45 +09:00
99a91e3172
nghttpx: Add BlockAllocator to Config object
2016-10-03 22:09:45 +09:00
e1a865c406
nghttpx: Add BlockAllocator version of util::formax_hex
2016-10-02 22:28:42 +09:00
8a9810ed32
nghttpx: Add BlockAllocator to ClientHandler
2016-10-01 22:54:17 +09:00
e1dfff8929
Use std::atomic_* overloads for std::shared_ptr if available
2016-09-20 22:39:01 +09:00
a3a6b91c5f
src: Rename OPENSSL_101_API macro as OPENSSL_1_1_API
2016-09-11 00:38:20 +09:00
bc31146c1f
nghttpx: Add tls_sni to mruby Nghttpx::Env class
...
tls_sni returns TLS SNI value which client sent in this TLS
connection.
2016-09-10 22:08:34 +09:00
6ba1abac6c
src: Only consider openssl 1.1.0 final
2016-08-27 00:45:16 +09:00
0110d2f9f8
Fix compile error with openssl 1.1.0
2016-08-27 00:02:03 +09:00
e2906025c8
nghttpx: Don't exit from save_pid and set_alpn_prefs
2016-07-31 20:35:10 +09:00
903e0077aa
nghttpx: Fix build error with libressl
2016-06-27 22:29:07 +09:00
aced5b3b6c
nghttpx: Fix memory leak from CertLookupTree
2016-06-25 23:47:22 +09:00
97d8bb16e6
nghttpx: Update doc
2016-06-25 23:37:29 +09:00
3e14f0d8a5
nghttpx: Fix compile error with openssl 1.0.1
...
openssl lacks SSL_CTX_get0_certificates().
2016-06-25 23:35:37 +09:00
f7c0d48152
nghttpx: Rewrite CertLookupTree using Router
2016-06-25 22:52:01 +09:00
845aa7a710
nghttpx: Share downstream config object
...
This is the unit of sharing configurations to change
2016-06-03 19:57:43 +09:00
2a4bf9f615
nghttpx: Allow mixed protocol and TLS settings among backends under same pattern
2016-05-24 23:36:43 +09:00
6d22898936
src: Compile with OpenSSL 1.1.0-pre5
...
* don't use CRYPTO_LOCK stuff (they are sorted out by openssl, and no
application intervention is required, just like boringSSL)
* don't use OPENSSL_config
* use provided API to access BIO member
2016-05-07 16:18:58 +09:00
fd801864e3
nghttpx: Add sni keyword to --backend option
...
The --backend-tls-sni-field is deprecated in favor of sni keyword.
--backend-tls-sni-field still works, and it overrides all sni keyword
in --backend option. But it will be removed in the future release.
2016-04-29 14:42:18 +09:00
4aa4fe56e1
nghttpx: Destroy SSL object, and always lookup TLS session cache
2016-04-28 22:25:55 +09:00
b39ad3135d
nghttpx: Don't use CN if we have dNSName or iPAddress field
2016-04-26 22:32:55 +09:00
bc2b941866
nghttpx: Wildcard match for CN
2016-04-21 22:53:07 +09:00
9b81eec944
nghttpx: Remove trailing "." from SAN DNS name and CN
2016-04-21 22:44:26 +09:00
3e6c38e3be
src: Made strieq(T, S) template
2016-03-25 22:45:33 +09:00
a46c815e4e
src: StringRef-fy
2016-03-25 01:41:06 +09:00
186d440168
nghttpx: More StringRef-fy
2016-03-25 01:19:42 +09:00
0875e66aab
src: Remove streq(const char *) overload
2016-03-25 00:02:07 +09:00
4dfae3484f
nghttpx: Refactor CertLookupTree interface
2016-03-24 23:35:15 +09:00
372123c178
nghttpx: Remove strieq(const char*, cosnt char*) overload, and fix unittests
2016-03-24 23:34:56 +09:00
eec0b04a33
nghttpx: Enable/disable TLS per frontend address
...
This change allows user to disable TLS per frontend address using
no-tls keyword in --frontend option. We removed --frontend-no-tls in
favor of this new feature.
2016-03-23 23:56:09 +09:00
58b06f32a2
nghttpx: Configure TLS per backend routing pattern
...
We added "tls" parameter to --backend option to enable TLS on that
backend connection. --backend-tls options was deprecated, now is
noop.
2016-03-23 22:56:18 +09:00
478fde5fef
nghttpx: Fix compile error
2016-02-29 01:16:45 +09:00
1832f78684
nghttpx: Move downstream proto to DownstreamAddrGroup
2016-02-28 16:56:14 +09:00
f2a7275700
nghttpx: Cache TLS session inside DownstreamAddr object
2016-02-21 16:35:43 +09:00
67804cfc8c
nghttpx: Use ImmutableString for ciphers
2016-02-14 22:17:10 +09:00
2344932b45
nghttpx: Use ImmutableString for dh_param_file
2016-02-14 22:17:10 +09:00
35ebdd35bc
nghttpx: Use ImmutableString for private_key_file
2016-02-14 22:17:10 +09:00
ac81003669
nghttpx: Use ImmutableString for cert_file
2016-02-14 22:17:10 +09:00
c999987baf
nghttpx: Use ImmutableString for private_key_file
2016-02-14 22:17:10 +09:00
529a59d309
nghttpx: Use ImmutableString for tls.client_verify.cacert
2016-02-14 22:17:10 +09:00
52f6417813
nghttpx: Use ImmutableString for tls.cacert
2016-02-14 22:17:00 +09:00
bfc26e8299
nghttpx: Use ImmutableString to store memcached server host
2016-02-14 20:59:10 +09:00
3297a303bf
nghttpx: Add client auth options for session cache memcached TLS connection
2016-02-13 18:46:07 +09:00
Tatsuhiro Tsujikawa