[prev in list] [next in list] [prev in thread] [next in thread]
List: proftpd-committers
Subject: [ProFTPD-committers] [proftpd/proftpd] 6a8e3e: Initial start of OCSP stapling implementation in m...
From: TJ Saunders <tj () castaglia ! org>
Date: 2015-12-23 1:32:07
Message-ID: 5679f997e0eed_c273febb46732b81180b9 () hookshot-fe1-cp1-prd ! iad ! github ! net ! mail
[Download RAW message or body]
Branch: refs/heads/master
Home: https://github.com/proftpd/proftpd
Commit: 6a8e3e74828c79ab1900d4d435a2a8e5da4e6d2d
https://github.com/proftpd/proftpd/commit/6a8e3e74828c79ab1900d4d435a2a8e5da4e6d2d
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-16 (Wed, 16 Dec 2015)
Changed paths:
M config.h.in
M configure
M configure.in
M contrib/mod_tls.c
Log Message:
-----------
Initial start of OCSP stapling implementation in mod_tls. For this, we either
return a "tryLater" OCSP response, or none. This is how it starts.
Commit: 536cdff8f104c0f7545df3cf031fdd413006d99b
https://github.com/proftpd/proftpd/commit/536cdff8f104c0f7545df3cf031fdd413006d99b
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-17 (Thu, 17 Dec 2015)
Changed paths:
M .gitignore
M Make.rules.in
M contrib/dist/rpm/proftpd.spec
M contrib/mod_tls_memcache.c
M lib/Makefile.in
M locale/files.txt
M modules/Makefile.in
M src/Makefile.in
R src/ftpscrub.c
M tests/t/lib/ProFTPD/Tests/Modules/mod_quotatab_sql.pm
M utils/Makefile.in
Log Message:
-----------
Merge branch 'master' into tls-ocsp-stapling-bug4175
Commit: 8a9a719b595b31f061be46835a18f9b73c172625
https://github.com/proftpd/proftpd/commit/8a9a719b595b31f061be46835a18f9b73c172625
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M contrib/mod_tls.c
M contrib/mod_tls.h
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls.pm
Log Message:
-----------
Complete the major implementation, with basic testing, of OCSP stapling.
It would be nice to add at least one more cache provider (e.g. memcache),
and to finish the documentation, to consider this work complete.
Commit: fa61f5011da6f8f905a2402d84b7c1df7c49be1e
https://github.com/proftpd/proftpd/commit/fa61f5011da6f8f905a2402d84b7c1df7c49be1e
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M contrib/mod_tls.c
Log Message:
-----------
Merge branch 'master' into tls-ocsp-stapling-bug4175
Commit: 934bf3441299a687c27c8a62882444a1ba172c62
https://github.com/proftpd/proftpd/commit/934bf3441299a687c27c8a62882444a1ba172c62
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M contrib/mod_tls.c
Log Message:
-----------
Fix build errors, warnings caught by travis-ci.
Commit: 58a8e13f9e8b9fdd8d270ffe61caa38522a350f0
https://github.com/proftpd/proftpd/commit/58a8e13f9e8b9fdd8d270ffe61caa38522a350f0
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M contrib/mod_tls.c
Log Message:
-----------
Refactor some of the previous OCSP code (for checking client certificates'
revocation status) to use the newer code, and reduce the amount of code
duplication.
Commit: 3e9fd0c801fec3c2080695e1d5f0a69a40bf43b5
https://github.com/proftpd/proftpd/commit/3e9fd0c801fec3c2080695e1d5f0a69a40bf43b5
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
A contrib/mod_tls_fscache.c
Log Message:
-----------
Be a little more careful with the OCSP response files found on disk.
Commit: ee791350fa0c2edb5fad51e99f1248492a7c4371
https://github.com/proftpd/proftpd/commit/ee791350fa0c2edb5fad51e99f1248492a7c4371
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M contrib/mod_tls.c
Log Message:
-----------
Implement a TLSStaplingResponder directive, for sites which will need to
proxy their OCSP queries. Also remove unnecessary defensive coding, after
reading the OpenSSL sources.
Commit: e35ec26850efd4479a6f825ce9b43d34f37a94bd
https://github.com/proftpd/proftpd/commit/e35ec26850efd4479a6f825ce9b43d34f37a94bd
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M doc/contrib/mod_tls.html
A doc/contrib/mod_tls_fscache.html
M doc/contrib/mod_tls_memcache.html
Log Message:
-----------
Update the mod_tls docs for the OCSP stapling support, and include the docs
for the new mod_tls_fscache module.
Commit: 073405ebb8776ce945e77e251bc4f9d01d913398
https://github.com/proftpd/proftpd/commit/073405ebb8776ce945e77e251bc4f9d01d913398
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls.pm
Log Message:
-----------
Remove development cruft.
Commit: db7f648b087699a0ded1bf58a06cea8a99dec586
https://github.com/proftpd/proftpd/commit/db7f648b087699a0ded1bf58a06cea8a99dec586
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-21 (Mon, 21 Dec 2015)
Changed paths:
M doc/contrib/mod_tls_fscache.html
Log Message:
-----------
Provide better example configuration.
Commit: c451424b0b1acbf8056ddf1ea121317c96eaca0c
https://github.com/proftpd/proftpd/commit/c451424b0b1acbf8056ddf1ea121317c96eaca0c
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M contrib/mod_tls_fscache.c
Log Message:
-----------
Finish implementing some of the 'ftpdctl ocspcache' actions for
mod_tls_fscache.
Commit: f39f9178c16d29400aa301395f4a4980b15be8b6
https://github.com/proftpd/proftpd/commit/f39f9178c16d29400aa301395f4a4980b15be8b6
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M .gitignore
Log Message:
-----------
Ignore the new mod_tls_fscache symlinked into the modules/ directory.
Commit: e566d358dc249f2af2d7252f891b83ba656d4616
https://github.com/proftpd/proftpd/commit/e566d358dc249f2af2d7252f891b83ba656d4616
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls.pm
A tests/t/lib/ProFTPD/Tests/Modules/mod_tls_fscache.pm
A tests/t/modules/mod_tls_fscache.t
M tests/tests.pl
Log Message:
-----------
Split out the mod_tls_fscache-related regression tests into their own
test file, just as was done for mod_tls_memcache and mod_tls_shmcache.
Commit: ff7827538495fb3757e7896ac28aaccfa40d572d
https://github.com/proftpd/proftpd/commit/ff7827538495fb3757e7896ac28aaccfa40d572d
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M contrib/mod_tls_shmcache.c
Log Message:
-----------
Step #1 in adding OCSP cache support to mod_tls_shmcache: rename all of the
existing SSL session cache variables/functions more clearly.
Commit: 51d25fd2569bf3c63591cb021a1e668a2f6f9cb6
https://github.com/proftpd/proftpd/commit/51d25fd2569bf3c63591cb021a1e668a2f6f9cb6
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M contrib/mod_tls.c
Log Message:
-----------
If the EnableDiags TLSOption is in effect, print out the OCSP response we
obtained from the TLSStaplingCache, if any. Also make sure that we do NOT
add back to the TLSStaplingCache a response that we just read from that cache.
Commit: f397919f9566258f5676abd44340d880e9e281fe
https://github.com/proftpd/proftpd/commit/f397919f9566258f5676abd44340d880e9e281fe
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M contrib/mod_tls_fscache.c
Log Message:
-----------
Remove unused event listeners, and update the logging of OpenSSL errors to
include the finer-grained data, if available.
Commit: 8cd9782e7021a21c6bdeabd88b02109fcce4f615
https://github.com/proftpd/proftpd/commit/8cd9782e7021a21c6bdeabd88b02109fcce4f615
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls.pm
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls_fscache.pm
Log Message:
-----------
Move one of the OCSP stapling support routines to the mod_tls_fscache-specific
tests.
Commit: 01f2de0c4e53e5e21a4e8464c75306a124976986
https://github.com/proftpd/proftpd/commit/01f2de0c4e53e5e21a4e8464c75306a124976986
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M contrib/mod_tls_shmcache.c
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls_shmcache.pm
Log Message:
-----------
Implement an OCSP response cache provider via SysV shared memory segments
(using mod_tls_shmcache), with accompanying tests.
Commit: 978912cb198ea6117eecd9b6d22fadd5d25548a2
https://github.com/proftpd/proftpd/commit/978912cb198ea6117eecd9b6d22fadd5d25548a2
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M doc/contrib/mod_tls.html
M doc/contrib/mod_tls_shmcache.html
Log Message:
-----------
Update the mod_tls_shmcache docs to mention its support for the
TLSStaplingCache directive.
Commit: 7b705f2e0519877a42b5b8b4185bf41c0bec42aa
https://github.com/proftpd/proftpd/commit/7b705f2e0519877a42b5b8b4185bf41c0bec42aa
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M contrib/mod_tls_shmcache.c
Log Message:
-----------
Update the mod_tls_shmcache comments to be more up-to-date.
Commit: ab90d49dacad604492aa7a029929b38793225988
https://github.com/proftpd/proftpd/commit/ab90d49dacad604492aa7a029929b38793225988
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M contrib/mod_tls_memcache.c
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls_memcache.pm
Log Message:
-----------
Implement an OCSP response cache provider using mod_tls_memcache, with
accompanying regression tests.
Commit: 87ae70a3e9362256e3381b7054f95d1591f4092e
https://github.com/proftpd/proftpd/commit/87ae70a3e9362256e3381b7054f95d1591f4092e
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M doc/contrib/mod_tls.html
M doc/contrib/mod_tls_memcache.html
Log Message:
-----------
Update the mod_tls, mod_tls_memcache docs to mention using memcached for
OCSP response caching.
Commit: eedd30f6c6e03ed2ce3e943ef502c93c6cc84f71
https://github.com/proftpd/proftpd/commit/eedd30f6c6e03ed2ce3e943ef502c93c6cc84f71
Author: TJ Saunders <tj@castaglia.org>
Date: 2015-12-22 (Tue, 22 Dec 2015)
Changed paths:
M .gitignore
M config.h.in
M configure
M configure.in
M contrib/mod_tls.c
M contrib/mod_tls.h
A contrib/mod_tls_fscache.c
M contrib/mod_tls_memcache.c
M contrib/mod_tls_shmcache.c
M doc/contrib/mod_tls.html
A doc/contrib/mod_tls_fscache.html
M doc/contrib/mod_tls_memcache.html
M doc/contrib/mod_tls_shmcache.html
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls.pm
A tests/t/lib/ProFTPD/Tests/Modules/mod_tls_fscache.pm
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls_memcache.pm
M tests/t/lib/ProFTPD/Tests/Modules/mod_tls_shmcache.pm
A tests/t/modules/mod_tls_fscache.t
M tests/tests.pl
Log Message:
-----------
Merge pull request #186 from proftpd/tls-ocsp-stapling-bug4175
Bug#4175: Support for OCSP stapling
Compare: https://github.com/proftpd/proftpd/compare/57d25ba5b0a4...eedd30f6c6e0
------------------------------------------------------------------------------
_______________________________________________
ProFTPD Committers Mailing List
proftpd-committers@proftpd.org
https://lists.sourceforge.net/lists/listinfo/proftp-committers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic