Kim Alvefur <zash@zash.se> [Fri, 29 Nov 2019 23:27:51 +0100] rev 10469
mod_net_multiplex: Add support for using ALPN
Potentially a bit more efficient since it can jump to the selected
protocol on connect instead of waiting for some data to look at.
Adds a 'protocol' field to net providers for this purpose.
Kim Alvefur <zash@zash.se> [Fri, 29 Nov 2019 23:25:59 +0100] rev 10468
net.http: Set ALPN on requests
Shouldn't hurt. Revert if it turns out it does.
Supported in LuaSec 0.8. Should be ignored otherwise.
Kim Alvefur <zash@zash.se> [Fri, 29 Nov 2019 23:24:14 +0100] rev 10467
core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI support)
Kim Alvefur <zash@zash.se> [Fri, 29 Nov 2019 23:22:29 +0100] rev 10466
core.portmanager: Don't set the first TLS context with a cert as main context
Don't think this works and it's apparently acceptable to require SNI these days.
Kim Alvefur <zash@zash.se> [Thu, 21 Nov 2019 00:16:20 +0100] rev 10465
mod_admin_telnet: Display ALPN in show_tls() if supported and available
Kim Alvefur <zash@zash.se> [Fri, 29 Nov 2019 21:30:08 +0100] rev 10464
mod_http: Log served URLs at 'info' level
These are similar to the "activated service" messages from portmanager
and similarily useful for the service admin to know even if they're not
debugging anything.
Kim Alvefur <zash@zash.se> [Fri, 29 Nov 2019 18:15:23 +0100] rev 10463
mod_s2s: Prevent unhandled stanza handler from complaining about stream features on aborted connections
I have no idea why I wrote return false in e5945fb5b71f
Kim Alvefur <zash@zash.se> [Thu, 28 Nov 2019 18:57:17 +0100] rev 10462
mod_s2s_bidi: Ignore unencrypted connections if s2s_require_encryption is set
Prevents some weirdness in cases where no authentication is done
Kim Alvefur <zash@zash.se> [Thu, 28 Nov 2019 18:30:30 +0100] rev 10461
mod_s2s: Abort outgoing connections earlier when TLS requirement isn't satisfied
This ensures the closure reason is accurate and not reported as an
authentication or other problem
Kim Alvefur <zash@zash.se> [Thu, 28 Nov 2019 17:32:15 +0100] rev 10460
mod_s2s: Send stream errors for cert problems on outgoing connections
Rationale in comment.