Commit Graph

10 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 68a724cf7b nghttpx: Select certificate by client's supported signature algo
nghttpx supports multiple certificates using --subcert option.
Previously, SNI hostname is used to select certificate.  With this
commit, signature algorithm presented by client is also taken into
consideration.  nghttpx now accepts certificates which share the same
hostname (CN, SAN), but have different signature algorithm (e.g.,
ECDSA+SHA256, RSA+SHA256).

Currently, this feature requires OpenSSL >= 1.0.2.  BoringSSL, and
LibreSSL do not work since they lack required APIs.
2017-02-04 23:37:24 +09:00
Tatsuhiro Tsujikawa f7c0d48152 nghttpx: Rewrite CertLookupTree using Router 2016-06-25 22:52:01 +09:00
Tatsuhiro Tsujikawa 084206bace nghttpx: Handle edge case wildcard pattern and add tests
Suppose the wildcard patterns follows:

- *.nghttp2.org/foo
- *.img.nghttp2.org/bar

Previously, s.img.nghttp2.org/foo does not match anything.  Now it
matches first pattern.
2016-06-11 13:33:59 +09:00
Tatsuhiro Tsujikawa 288449b9bc nghttpx: Rewrite wildcard router 2016-06-10 23:43:44 +09:00
Tatsuhiro Tsujikawa 43913838b4 nghttpx: Retain memory in Router 2016-06-03 23:52:44 +09:00
Tatsuhiro Tsujikawa 49fa914db5 nghttpx: Use StringRef for string parameters in match_downstream_addr_group 2016-02-14 20:48:06 +09:00
Tatsuhiro Tsujikawa 93eabc642b nghttpx: Use StringRef for parameter in Router::match 2016-02-14 19:07:22 +09:00
Tatsuhiro Tsujikawa 2d273f8237 nghttpx: Use StringRef for pattern paramter in Router::add_route 2016-02-14 18:55:53 +09:00
Tatsuhiro Tsujikawa 3fafbfe1ed Fix gcc build 2015-09-27 00:51:32 +09:00
Tatsuhiro Tsujikawa 8acf9a2802 nghttpx: Trie based routing 2015-09-26 22:19:10 +09:00