Merge 0.9->0.10
|
Matthew Wild |
Sun, 10 Nov 2013 18:49:34 +0000 |
certmanager: Update default cipher string to prefer forward-secrecy over cipher strength and to disable triple-DES (weaker and much slower than AES)
|
Matthew Wild |
Sun, 10 Nov 2013 18:46:48 +0000 |
Merge 0.9->0.10
|
Matthew Wild |
Sat, 09 Nov 2013 18:36:32 +0000 |
certmanager: Fix order of options, so that the dynamic option is at the end of the array
|
Matthew Wild |
Sat, 09 Nov 2013 17:54:21 +0000 |
certmanager: Default to using the server's cipher preference order by default, as clients have been shown to commonly select weak and insecure ciphers even when they support stronger ones
|
Matthew Wild |
Sat, 09 Nov 2013 17:50:19 +0000 |
Merge 0.9 -> 0.10
|
Kim Alvefur |
Thu, 31 Oct 2013 20:47:57 +0100 |
certmanager: Disable SSLv3 by default
|
Kim Alvefur |
Thu, 31 Oct 2013 19:00:36 +0100 |
certmanager: Fix. Again.
|
Kim Alvefur |
Tue, 15 Oct 2013 10:47:34 +0200 |
certmanager: Add back single_dh_use and single_ecdh_use to default options (Zash breaks, Zash unbreaks)
|
Kim Alvefur |
Tue, 15 Oct 2013 01:37:16 +0200 |
certmanager: Allow for specifying the dhparam option as a path to a file instead of a callback
|
Kim Alvefur |
Tue, 03 Sep 2013 15:43:59 +0200 |
Merge 0.9->trunk
|
Kim Alvefur |
Tue, 03 Sep 2013 13:43:39 +0200 |
certmanager: Fix dhparam callback, missing imports (Testing, pfft)
0.9.1
|
Kim Alvefur |
Tue, 03 Sep 2013 13:40:29 +0200 |
Merge 0.9->trunk
|
Matthew Wild |
Tue, 03 Sep 2013 12:32:18 +0100 |
certmanager: Allow for specifying the dhparam option as a path to a file instead of a callback
|
Kim Alvefur |
Tue, 03 Sep 2013 13:13:31 +0200 |
certmanager: Fix for working around a bug with LuaSec 0.4.1 that causes it to not honour the 'ciphers' option. This change will apply 0.9's default cipher string for LuaSec 0.4.1 users.
|
Matthew Wild |
Tue, 03 Sep 2013 12:11:11 +0100 |
Remove all trailing whitespace
|
Florian Zeitz |
Fri, 09 Aug 2013 17:48:21 +0200 |
Merge 0.9->trunk
|
Matthew Wild |
Sat, 13 Jul 2013 13:17:53 +0100 |
certmanager: Set our own default cipher string, which includes only ciphers regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4.
|
Matthew Wild |
Sat, 13 Jul 2013 13:15:24 +0100 |
certmanager: Overhaul of how ssl configs are built.
|
Kim Alvefur |
Thu, 13 Jun 2013 17:44:42 +0200 |
Merge 0.9->trunk
|
Matthew Wild |
Thu, 13 Jun 2013 00:46:29 +0100 |
certmanager: Add single_dh_use and single_ecdh_use to default options
|
Matthew Wild |
Thu, 13 Jun 2013 00:45:41 +0100 |
Merge 0.9->trunk
|
Matthew Wild |
Thu, 13 Jun 2013 00:09:56 +0100 |
certmanager: Set ssl.curve to 'secp384r1' by default, to enable ECC ciphers
|
Matthew Wild |
Thu, 13 Jun 2013 00:04:04 +0100 |
Merge 0.9->trunk
|
Matthew Wild |
Tue, 11 Jun 2013 21:50:41 +0100 |
certmanager: Use 'curve' and 'dhparam' options from ssl config if present
|
Matthew Wild |
Tue, 11 Jun 2013 21:44:53 +0100 |
certmanager: Complain if key or certificate is missing from SSL config.
|
Kim Alvefur |
Fri, 07 Jun 2013 20:55:02 +0200 |
certmanager: Disable SSL compression if possible (LuaSec 0.5 or 0.4.1+OpenSSL 1.x)
|
Matthew Wild |
Wed, 22 May 2013 14:32:02 +0100 |
core.*: Complete removal of all traces of the "core" section and section-related code.
|
Kim Alvefur |
Sat, 23 Mar 2013 02:33:15 +0100 |