Tatsuhiro Tsujikawa
e5b84fad09
nghttpx: Fix bug that old config is used during reloading config
2017-02-16 22:46:22 +09:00
Tatsuhiro Tsujikawa
68a724cf7b
nghttpx: Select certificate by client's supported signature algo
...
nghttpx supports multiple certificates using --subcert option.
Previously, SNI hostname is used to select certificate. With this
commit, signature algorithm presented by client is also taken into
consideration. nghttpx now accepts certificates which share the same
hostname (CN, SAN), but have different signature algorithm (e.g.,
ECDSA+SHA256, RSA+SHA256).
Currently, this feature requires OpenSSL >= 1.0.2. BoringSSL, and
LibreSSL do not work since they lack required APIs.
2017-02-04 23:37:24 +09:00
Tatsuhiro Tsujikawa
0cf6848646
clang-format-3.9
2016-10-15 18:36:04 +09:00
Tatsuhiro Tsujikawa
65095c448d
nghttpx: Fix compile error with gcc -Werror=comment
2016-06-25 23:57:40 +09:00
Tatsuhiro Tsujikawa
76e188e368
nghttpx: Fix compile error with gcc
2016-06-25 23:57:26 +09:00
Tatsuhiro Tsujikawa
3e14f0d8a5
nghttpx: Fix compile error with openssl 1.0.1
...
openssl lacks SSL_CTX_get0_certificates().
2016-06-25 23:35:37 +09:00
Tatsuhiro Tsujikawa
f7c0d48152
nghttpx: Rewrite CertLookupTree using Router
2016-06-25 22:52:01 +09:00
Tatsuhiro Tsujikawa
9272e80fa6
nghttpx: Fix compile error on travis
2016-03-25 02:28:10 +09:00
Tatsuhiro Tsujikawa
4dfae3484f
nghttpx: Refactor CertLookupTree interface
2016-03-24 23:35:15 +09:00
Tatsuhiro Tsujikawa
372123c178
nghttpx: Remove strieq(const char*, cosnt char*) overload, and fix unittests
2016-03-24 23:34:56 +09:00
Tatsuhiro Tsujikawa
dbbf3a4a10
nghttpx: Refactor TLS hostname match
2016-01-16 23:54:21 +09:00
Tatsuhiro Tsujikawa
c6ef1c02b9
Switch to clang-format-3.6
2015-11-13 00:53:29 +09:00
Tatsuhiro Tsujikawa
6ff67ae869
src: Move array_size to nghttp2 namespace
2015-02-06 22:44:09 +09:00
Tatsuhiro Tsujikawa
b165775811
nghttpx: Refactor CertLookupTree
2015-02-06 21:25:43 +09:00
Tatsuhiro Tsujikawa
b1f807abd1
Reformat lines with clang-format-3.5
2014-11-27 23:56:30 +09:00
Tatsuhiro Tsujikawa
8890e593e6
src: Add util::array_size
2014-08-28 00:45:12 +09:00
Tatsuhiro Tsujikawa
ab2dc5967d
Replace HTTP/2.0 with HTTP/2
2014-03-30 19:26:37 +09:00
Tatsuhiro Tsujikawa
c531e691fc
src: Use SSLv23_method for tests
2014-01-06 16:07:18 +09:00
Tatsuhiro Tsujikawa
0edce70343
Rebranding nghttp2
2013-07-13 00:43:06 +09:00
Tatsuhiro Tsujikawa
64fcac48b7
shrpx: Fix bug in building certificate lookup tree
2013-02-16 17:51:38 +09:00
Tatsuhiro Tsujikawa
c8167234fa
shrpx: Fix bug in certificate lookup
2013-02-16 02:33:16 +09:00
Tatsuhiro Tsujikawa
291cbc639b
shrpx: Use patricia trie for cert lookup
2013-02-14 00:28:55 +09:00
Tatsuhiro Tsujikawa
b18af854af
shrpx: Add --subcert option to add additional certificate/private key
...
This option specifies additional certificate and private key
file. Shrpx will choose certificates based on the hostname indicated
by client using TLS SNI extension. This option can be used multiple
times.
2013-02-06 23:41:28 +09:00