Log

core/certmanager.lua @ 5747:23076ee191d3

description author age
Merge 0.9->trunk Matthew Wild Sat, 13 Jul 2013 13:17:53 +0100
certmanager: Set our own default cipher string, which includes only ciphers regarded as 'HIGH' strength (by OpenSSL). In particular this disables RC4. Matthew Wild Sat, 13 Jul 2013 13:15:24 +0100
certmanager: Overhaul of how ssl configs are built. Kim Alvefur Thu, 13 Jun 2013 17:44:42 +0200
Merge 0.9->trunk Matthew Wild Thu, 13 Jun 2013 00:46:29 +0100
certmanager: Add single_dh_use and single_ecdh_use to default options Matthew Wild Thu, 13 Jun 2013 00:45:41 +0100
Merge 0.9->trunk Matthew Wild Thu, 13 Jun 2013 00:09:56 +0100
certmanager: Set ssl.curve to 'secp384r1' by default, to enable ECC ciphers Matthew Wild Thu, 13 Jun 2013 00:04:04 +0100
Merge 0.9->trunk Matthew Wild Tue, 11 Jun 2013 21:50:41 +0100
certmanager: Use 'curve' and 'dhparam' options from ssl config if present Matthew Wild Tue, 11 Jun 2013 21:44:53 +0100
certmanager: Complain if key or certificate is missing from SSL config. Kim Alvefur Fri, 07 Jun 2013 20:55:02 +0200
certmanager: Disable SSL compression if possible (LuaSec 0.5 or 0.4.1+OpenSSL 1.x) Matthew Wild Wed, 22 May 2013 14:32:02 +0100
core.*: Complete removal of all traces of the "core" section and section-related code. Kim Alvefur Sat, 23 Mar 2013 02:33:15 +0100
certmanager: Fix nil index if no LuaSec available Kim Alvefur Mon, 07 Jan 2013 02:17:07 +0100
core.certmanager: Add support for LuaSec 0.5. Also compat with MattJs luasec-hg Kim Alvefur Fri, 28 Dec 2012 15:00:43 +0100
certmanager: Remove unused import of setmetatable Matthew Wild Mon, 23 Jul 2012 16:42:26 +0100
certmanager: Fix for traceback WITH LuaSec... (!) (thanks IRON) Matthew Wild Mon, 23 Jul 2012 16:39:49 +0100
certmanager: Fix traceback for missing LuaSec (thanks Link Mauve) Matthew Wild Mon, 23 Jul 2012 14:17:42 +0100
certmanager: Add quotes around cert file path when logging. Waqas Hussain Tue, 12 Jun 2012 17:02:35 +0500
certmanager: tonumber() (fix for 0b8134015635) Matthew Wild Sat, 19 May 2012 21:57:40 +0100
certmanager: Don't use no_ticket option before LuaSec 0.4 Matthew Wild Sat, 19 May 2012 21:53:43 +0100
certmanager: no_ticket is not a verification option (thanks Zash) Matthew Wild Fri, 18 May 2012 01:50:51 +0100
certmanager: Add no_ticket option for OpenSSL (we don't support resumption yet) Matthew Wild Fri, 18 May 2012 00:31:23 +0100
certmanager: Adjust error messages to be non-specific about 'host' (so we can specify a service name instead ffor SSL) Matthew Wild Fri, 11 May 2012 20:24:15 +0100
core.certmanager: Log a message when a password is required but not supplied. fixes #214 Kim Alvefur Sat, 21 Apr 2012 23:11:59 +0200
certmanager: More informative logging. Waqas Hussain Tue, 01 Nov 2011 23:57:42 +0500
certmanager: Support setting ciphers in SSL config. LuaSec apparently ignores the documented ciphers option. Waqas Hussain Thu, 25 Aug 2011 12:09:16 +0500
certmanager: Add required verify flags for cert verification if LuaSec (probably) supports them Matthew Wild Sun, 28 Nov 2010 21:09:55 +0000
prosody, configmanager, certmanager: Relocate prosody.resolve_relative_path() to configmanager, and update certmanager (the only user of this function) Matthew Wild Wed, 10 Nov 2010 19:46:53 +0000
certmanager, hostmanager, mod_tls: Move responsibility for creating per-host SSL contexts to mod_tls, meaning reloading certs is now as trivial as reloading mod_tls Matthew Wild Sat, 06 Nov 2010 18:28:15 +0000
Monster whitespace commit (beware the whitespace monster). Waqas Hussain Sat, 16 Oct 2010 23:00:42 +0500
prosody.resolve_relative_path: Updated to take a parent path to resolve against. Waqas Hussain Fri, 23 Jul 2010 23:14:50 +0500
Merge 0.7->trunk Matthew Wild Fri, 23 Jul 2010 09:22:27 +0100
certmanager: Don't disable LuaSec and future cert loading on failure, and add error messages to the no LuaSec/config cases (thanks Jakob) Matthew Wild Fri, 23 Jul 2010 09:17:11 +0100
Merge with backout Matthew Wild Thu, 15 Jul 2010 08:27:56 +0100
Backed out changeset 598c33a99a31 (already fixed a better way) Matthew Wild Thu, 15 Jul 2010 08:25:50 +0100
certmanager: Fix to handle the case of no SSL configuration at all Matthew Wild Wed, 14 Jul 2010 16:24:15 +0100
certmanager: Added copyright header. Waqas Hussain Thu, 15 Jul 2010 11:28:31 +0500
certmanager: Defined default_capath to prevent a global nil access. Waqas Hussain Thu, 15 Jul 2010 11:28:14 +0500
certmanager: Use an empty table as the default ssl config when a global 'ssl' config option isn't specified (fixes a top-level traceback on startup). Waqas Hussain Thu, 15 Jul 2010 11:25:41 +0500
certmanager: Remove debug logging accidentally committed Matthew Wild Tue, 13 Jul 2010 15:28:52 +0100
certmanager: Adjust paths of SSL key/certs to be relative to the config file, fixes #147 Matthew Wild Tue, 13 Jul 2010 13:56:14 +0100
certmanager: Friendlier error reporting on OpenWRT and other cases where we don't understand the OpenSSL error Matthew Wild Fri, 05 Mar 2010 15:00:11 +0000
certmanager: Fix nil global access (thanks Marc) Matthew Wild Fri, 05 Mar 2010 14:49:56 +0000
certmanager: Fix global access Matthew Wild Mon, 01 Mar 2010 18:52:47 +0000
Merge with 0.7 Matthew Wild Sat, 13 Feb 2010 16:12:53 +0000
certmanager: Bring back the friendly errors when failing to load the key/certificate file Matthew Wild Sat, 13 Feb 2010 16:12:21 +0000
certmanager, hostmanager: Rename get_context() to create_context() to be more explicit about what it does Matthew Wild Sat, 13 Feb 2010 16:08:43 +0000
certmanager: Fix traceback with no LuaSec Matthew Wild Fri, 05 Feb 2010 14:31:25 +0000
certmanager: Tabs not spaces! Matthew Wild Fri, 05 Feb 2010 14:22:48 +0000
certmanager: Hello world, I'm come to manage your SSL contexts Matthew Wild Sun, 31 Jan 2010 17:22:59 +0000