Log

core/certmanager.lua @ 11064:af1e3b7d9ea3

description author age
core.certmanager: Add TODO about LuaSec issue Kim Alvefur Sun, 07 Jun 2020 02:12:50 +0200
Merge 0.11->trunk Kim Alvefur Mon, 13 Apr 2020 16:14:39 +0200
core.certmanager: Move EECDH ciphers before EDH in default cipherstring (fixes #1513) 0.11 Kim Alvefur Sun, 25 Aug 2019 20:22:35 +0200
Merge 0.11->trunk Kim Alvefur Fri, 10 Apr 2020 19:03:36 +0200
core.certmanager: Look for privkey.pem to go with fullchain.pem (fix #1526) 0.11 Kim Alvefur Fri, 10 Apr 2020 16:11:09 +0200
core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI support) Kim Alvefur Fri, 29 Nov 2019 23:24:14 +0100
core.certmanager: Lower severity for tls config not having cert Kim Alvefur Sat, 07 Sep 2019 00:00:40 +0200
core.certmanager: Remove unused import [luacheck] Kim Alvefur Sun, 25 Aug 2019 23:25:42 +0200
Remove COMPAT with temporary luasec fork Kim Alvefur Sun, 25 Aug 2019 23:12:55 +0200
core.certmanager: Move EECDH ciphers before EDH in default cipherstring Kim Alvefur Sun, 25 Aug 2019 20:22:35 +0200
core.certmanager: Do not ask for client certificates by default Kim Alvefur Sun, 10 Mar 2019 19:58:28 +0100
Merge 0.10->trunk Kim Alvefur Fri, 25 May 2018 03:33:13 +0200
core.certmanager: Allow all non-whitespace in service name (fixes #1019) Kim Alvefur Fri, 25 May 2018 03:30:16 +0200
vairious: Add annotation when an empty environment is set [luacheck] Kim Alvefur Wed, 28 Feb 2018 20:06:26 +0100
certmanager: Check for missing certificate before key in configuration (should be marginally less confusing) Kim Alvefur Thu, 28 Dec 2017 17:32:56 +0100
certmanager: Set single curve conditioned on LuaSec advertising EC crypto support Kim Alvefur Mon, 20 Nov 2017 00:27:26 +0100
certmanager: Filter out curves not supported by LuaSec Kim Alvefur Mon, 20 Nov 2017 00:26:41 +0100
certmanager: Change table representing LuaSec capabilities to match capabilities table exposed in LuaSec 0.7 Kim Alvefur Mon, 20 Nov 2017 00:25:18 +0100
core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if used along with luasec 0.7 and openssl 1.1 Kim Alvefur Wed, 27 Sep 2017 15:45:07 +0200
prosodyctl: cert import: Reuse function from certmanager for locating certificates and keys Kim Alvefur Wed, 27 Sep 2017 15:21:20 +0200
certmanager: Add debug logging (thanks av6) Matthew Wild Sat, 23 Sep 2017 17:13:29 +0100
certmanager: Update the 'certificates' option after the config has been reloaded (fixes #929) Kim Alvefur Thu, 01 Jun 2017 14:03:50 +0200
core.certmanager: Translate "no start line" to something friendlier (thanks santiago) Kim Alvefur Sat, 26 Nov 2016 20:08:48 +0100
core.certmanager: Split cipher list into array with comments explaining each part Kim Alvefur Mon, 12 Sep 2016 15:49:24 +0200
certmanager: Assume default config path of '.' (fixes prosodyctl check certs when not installed) Kim Alvefur Fri, 29 Jul 2016 11:24:28 +0200
certmanager: Explicitly tonumber() version number segments before doing arithmetic and avoid relying on implicit coercion (thanks David Favro) Matthew Wild Sat, 26 Mar 2016 19:55:08 +0000
certmanager: Localize tonumber Matthew Wild Thu, 18 Feb 2016 13:48:45 +0000
certmanager: Try filename.key if certificate is set to a full filename ending with .crt Kim Alvefur Fri, 05 Feb 2016 16:12:01 +0100
certmanager: Apply global ssl config later so certificate/key is not overwritten by magic Kim Alvefur Fri, 05 Feb 2016 15:03:39 +0100
certmanager: Support new certificate configuration for non-XMPP services too (fixes #614) Matthew Wild Fri, 05 Feb 2016 00:03:41 +0000
core.certmanager: Look for certificate and key in a few different places Kim Alvefur Wed, 03 Feb 2016 22:44:29 +0100
core.certmanager: Remove non-string filenames (allows setting eg capath to false to disable the built in default) Kim Alvefur Sun, 11 Oct 2015 19:44:15 +0200
core.*: Remove use of module() function Kim Alvefur Sat, 21 Feb 2015 10:42:19 +0100
certmanager: Fix compat for MattJs old LuaSec fork Kim Alvefur Thu, 05 Feb 2015 17:23:53 +0100
certmanager: Fix previous commit Kim Alvefur Thu, 05 Feb 2015 17:21:05 +0100
certmanager: Limit certificate chain depth to 9 Kim Alvefur Thu, 05 Feb 2015 16:59:34 +0100
certmanager: Options that appear to be available since LuaSec 0.2 Kim Alvefur Thu, 05 Feb 2015 16:56:28 +0100
certmanager: Improve "detection" of features that depend on LuaSec version Kim Alvefur Thu, 05 Feb 2015 16:20:50 +0100
certmanager: Add locals for ssl.context and ssl.x509 Kim Alvefur Thu, 05 Feb 2015 15:14:35 +0100
certmanager: Early return from the entire module if LuaSec is unavailable Kim Alvefur Thu, 05 Feb 2015 15:10:23 +0100
certmanager: Make global variable access explicit Matthew Wild Tue, 20 Jan 2015 11:29:38 +0000
certmanager, mod_tls: Return final ssl config as third return value (fix for c6caaa440e74, portmanager assumes non-falsy second return value is an error) (thanks deoren) Kim Alvefur Sat, 22 Nov 2014 11:51:54 +0100
certmanager: Return final ssl config along with ssl context on success Kim Alvefur Wed, 19 Nov 2014 14:47:03 +0100
Merge 0.9->0.10 Kim Alvefur Sun, 26 Oct 2014 20:57:06 +0100
certmanager, net.http: Disable SSLv3 by default 0.9.6 Matthew Wild Tue, 14 Oct 2014 18:55:08 +0100
core.certmanager: Make create_context() support an arbitrary number of option sets, merging all Kim Alvefur Thu, 03 Jul 2014 15:32:26 +0200
core.certmanager: Use util.sslconfig Kim Alvefur Thu, 03 Jul 2014 15:31:12 +0200
core.certmanager, core.moduleapi, mod_storage_sql, mod_storage_sql2: Import from util.paths Kim Alvefur Fri, 09 May 2014 19:35:29 +0200
certmanager: Move ssl.protocol handling to after ssl.options is a table (thanks Ralph) Kim Alvefur Mon, 21 Apr 2014 02:43:09 +0200
certmanager: Fix traceback if no global 'ssl' section set (thanks albert) Kim Alvefur Sun, 20 Apr 2014 21:25:26 +0200
certmanager: Update ssl_compression when config is reloaded Kim Alvefur Tue, 15 Apr 2014 01:02:56 +0200
certmanager: Reformat core ssl defaults Kim Alvefur Tue, 15 Apr 2014 00:49:17 +0200
certmanager: Support ssl.protocol syntax like "tlsv1+" that disables older protocols Kim Alvefur Tue, 15 Apr 2014 00:45:07 +0200
certmanager: Merge ssl.options, verify etc from core defaults and global ssl settings with inheritance while allowing options to be disabled per virtualhost Kim Alvefur Tue, 15 Apr 2014 00:32:11 +0200
certmanager: Wrap long line and add comment Kim Alvefur Mon, 14 Apr 2014 23:41:26 +0200
certmanager: Concatenate cipher list if given as a table Kim Alvefur Mon, 14 Apr 2014 23:34:35 +0200
certmanager: Allow non-server contexts to be without certificate and key Kim Alvefur Mon, 14 Apr 2014 23:09:28 +0200
certmanager: Check for non-nil values instead of true-ish values, allows removing defaults Kim Alvefur Mon, 14 Apr 2014 23:00:44 +0200
Merge 0.9->0.10 Matthew Wild Thu, 21 Nov 2013 02:14:23 +0000
certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys. Matthew Wild Thu, 21 Nov 2013 02:11:09 +0000