nghttp2

Author	SHA1	Message	Date
Tatsuhiro Tsujikawa	38abfd1863	nghttpx: Add mruby tls_client_not_before, and tls_client_not_after	2018-02-08 16:25:31 +09:00
Tatsuhiro Tsujikawa	ff200bfcf3	clang-format-5.0	2017-11-23 14:19:12 +09:00
Tatsuhiro Tsujikawa	73344ae9aa	nghttpx: Use plain hex string format for client serial	2017-11-17 00:04:23 +09:00
Tatsuhiro Tsujikawa	cd55ab28ab	nghttpx: Add function to get serial number from certificate	2017-11-16 22:53:54 +09:00
Tatsuhiro Tsujikawa	22502182d0	Add tls_client_issuer_name log variable and expose it to mruby	2017-11-15 23:41:47 +09:00
Tatsuhiro Tsujikawa	7008afd40e	nghttpx: Refactor get_x509_fingerprint to accept hash function	2017-10-31 21:28:16 +09:00
Tatsuhiro Tsujikawa	9f80a82c1a	nghttpx: Add client fingerprint and subject name to mruby env	2017-10-29 19:54:42 +09:00
Tatsuhiro Tsujikawa	1428a5e3ae	nghttpx: Verify OCSP response At least we should make sure that the OCSP response is targeted to the expected certificate. This is important because we pass the file path to the external script, and if the file is replaced because of renewal, and nghttpx has not reloaded its configuration, the certificate nghttpx has loaded and the one included in the file differ. Verifying the OCSP response detects this, and avoids to send wrong OCSP response.	2017-05-25 23:14:57 +09:00
Tatsuhiro Tsujikawa	058122b804	nghttpx: Rename shrpx_ssl.{h,cc} as shrpx_tls.{h,cc} The namespace shrpx::ssl was also renamed as shrpx::tls.	2017-04-01 15:12:28 +09:00