Sat, 22 Nov 2014 11:51:54 +0100 |
Kim Alvefur |
certmanager, mod_tls: Return final ssl config as third return value (fix for c6caaa440e74, portmanager assumes non-falsy second return value is an error) (thanks deoren)
|
file |
diff |
annotate
|
Wed, 19 Nov 2014 14:47:03 +0100 |
Kim Alvefur |
certmanager: Return final ssl config along with ssl context on success
|
file |
diff |
annotate
|
Sun, 26 Oct 2014 20:57:06 +0100 |
Kim Alvefur |
Merge 0.9->0.10
|
file |
diff |
annotate
|
Tue, 14 Oct 2014 18:55:08 +0100 |
Matthew Wild |
certmanager, net.http: Disable SSLv3 by default
0.9.6
|
file |
diff |
annotate
|
Thu, 03 Jul 2014 15:32:26 +0200 |
Kim Alvefur |
core.certmanager: Make create_context() support an arbitrary number of option sets, merging all
|
file |
diff |
annotate
|
Thu, 03 Jul 2014 15:31:12 +0200 |
Kim Alvefur |
core.certmanager: Use util.sslconfig
|
file |
diff |
annotate
|
Fri, 09 May 2014 19:35:29 +0200 |
Kim Alvefur |
core.certmanager, core.moduleapi, mod_storage_sql, mod_storage_sql2: Import from util.paths
|
file |
diff |
annotate
|
Mon, 21 Apr 2014 02:43:09 +0200 |
Kim Alvefur |
certmanager: Move ssl.protocol handling to after ssl.options is a table (thanks Ralph)
|
file |
diff |
annotate
|
Sun, 20 Apr 2014 21:25:26 +0200 |
Kim Alvefur |
certmanager: Fix traceback if no global 'ssl' section set (thanks albert)
|
file |
diff |
annotate
|
Tue, 15 Apr 2014 01:02:56 +0200 |
Kim Alvefur |
certmanager: Update ssl_compression when config is reloaded
|
file |
diff |
annotate
|
Tue, 15 Apr 2014 00:49:17 +0200 |
Kim Alvefur |
certmanager: Reformat core ssl defaults
|
file |
diff |
annotate
|
Tue, 15 Apr 2014 00:45:07 +0200 |
Kim Alvefur |
certmanager: Support ssl.protocol syntax like "tlsv1+" that disables older protocols
|
file |
diff |
annotate
|
Tue, 15 Apr 2014 00:32:11 +0200 |
Kim Alvefur |
certmanager: Merge ssl.options, verify etc from core defaults and global ssl settings with inheritance while allowing options to be disabled per virtualhost
|
file |
diff |
annotate
|
Mon, 14 Apr 2014 23:41:26 +0200 |
Kim Alvefur |
certmanager: Wrap long line and add comment
|
file |
diff |
annotate
|
Mon, 14 Apr 2014 23:34:35 +0200 |
Kim Alvefur |
certmanager: Concatenate cipher list if given as a table
|
file |
diff |
annotate
|
Mon, 14 Apr 2014 23:09:28 +0200 |
Kim Alvefur |
certmanager: Allow non-server contexts to be without certificate and key
|
file |
diff |
annotate
|
Mon, 14 Apr 2014 23:00:44 +0200 |
Kim Alvefur |
certmanager: Check for non-nil values instead of true-ish values, allows removing defaults
|
file |
diff |
annotate
|
Thu, 21 Nov 2013 02:14:23 +0000 |
Matthew Wild |
Merge 0.9->0.10
|
file |
diff |
annotate
|
Thu, 21 Nov 2013 02:11:09 +0000 |
Matthew Wild |
certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys.
|
file |
diff |
annotate
|
Tue, 12 Nov 2013 02:23:02 +0000 |
Matthew Wild |
Merge 0.9->0.10
|
file |
diff |
annotate
|
Tue, 12 Nov 2013 02:13:01 +0000 |
Matthew Wild |
Back out 1b0ac7950129, as SSLv3 appears to still be in moderate use on the network. Also, although obsolete, SSLv3 isn't documented to have any weaknesses that TLS 1.0 (the most common version used today) doesn't also have. Get your act together clients!
|
file |
diff |
annotate
|
Sun, 10 Nov 2013 18:49:34 +0000 |
Matthew Wild |
Merge 0.9->0.10
|
file |
diff |
annotate
|
Sun, 10 Nov 2013 18:46:48 +0000 |
Matthew Wild |
certmanager: Update default cipher string to prefer forward-secrecy over cipher strength and to disable triple-DES (weaker and much slower than AES)
|
file |
diff |
annotate
|
Sat, 09 Nov 2013 18:36:32 +0000 |
Matthew Wild |
Merge 0.9->0.10
|
file |
diff |
annotate
|
Sat, 09 Nov 2013 17:54:21 +0000 |
Matthew Wild |
certmanager: Fix order of options, so that the dynamic option is at the end of the array
|
file |
diff |
annotate
|
Sat, 09 Nov 2013 17:50:19 +0000 |
Matthew Wild |
certmanager: Default to using the server's cipher preference order by default, as clients have been shown to commonly select weak and insecure ciphers even when they support stronger ones
|
file |
diff |
annotate
|
Thu, 31 Oct 2013 20:47:57 +0100 |
Kim Alvefur |
Merge 0.9 -> 0.10
|
file |
diff |
annotate
|
Thu, 31 Oct 2013 19:00:36 +0100 |
Kim Alvefur |
certmanager: Disable SSLv3 by default
|
file |
diff |
annotate
|
Tue, 15 Oct 2013 10:47:34 +0200 |
Kim Alvefur |
certmanager: Fix. Again.
|
file |
diff |
annotate
|
Tue, 15 Oct 2013 01:37:16 +0200 |
Kim Alvefur |
certmanager: Add back single_dh_use and single_ecdh_use to default options (Zash breaks, Zash unbreaks)
|
file |
diff |
annotate
|