15bc8be275e402f75d93ab41c89ca3b4dafeaf5d 1661540 |
|
22-Feb-2015 |
trawick |
mod_ssl_ct needs a per-vhost module config even if a vhost
doesn't contain mod_ssl_ct's own directives, because the
module config needs to represent that vhost's certificates.
PR: 57533 |
e670b9648396d99ab737684f74e251d4a2e9b95b 1661487 |
|
22-Feb-2015 |
trawick |
Provide separate SSL_CT_*_STATUS variables for client vs. proxy
connections, courtesy of a new flag passed from mod_ssl on its
pre_connection "optional hook." |
3fd83d7e64ee5a82f084f3b3e83516f7394acfb7 1645546 |
|
15-Dec-2014 |
trawick |
Fix extraction of an SCT list from a stapled OCSP response.
The hard-coded 2 byte offset to get to the list (in lieu of
the proper logic) didn't survive the addition of the SCT
from an additional log. |
9d3e8ab5391fb11d3d2f295a602279c70a78d957 1631021 |
|
11-Oct-2014 |
jailletc36 |
Style ('{' on same line as function definition) |
0d407cd3864fadcc204a381eb5f3b5cc5746bbb8 1630624 |
|
10-Oct-2014 |
trawick |
mod_ssl_ct: Work with current Certificate Transparency tools
(e.g., as of certificate-transparency commit
3f03188fe89974d45345fddee64a8227bd2ec26a)
The interface to the "ct" tool now requires the log's URL and
public key, resulting in a bit of refactoring in the module. |
62088ec6b71075a36a2dfbb43f26a0370c7d3651 1628833 |
|
01-Oct-2014 |
trawick |
Adjust Certificate Transparency support (mod_ssl_ct) to build with/require OpenSSL 1.0.2 Beta 3.
Update notes on missing OpenSSL documentation.
Submitted by: ben (the primary changes), trawick |
a7452f0ad4045af1d42dce45cc25854e7bf3cac4 1612122 |
|
20-Jul-2014 |
trawick |
Add message numbers to mod_ssl_ct messages with severity > debug. |
1b4804a626ffa0fed7d4fd7b53ee9db1c02ed525 1606337 |
|
28-Jun-2014 |
trawick |
APR_THREAD_FUNC decorator needed for 32-bit builds on Windows |
9ee814f862f6f2203cf0d1859969682954dfa97a 1596108 |
|
20-May-2014 |
jailletc36 |
Fix duplicate APLOGNO |
bdaad7cd865e9031b8b7ac5bfa76efd455681598 1589398 |
|
23-Apr-2014 |
trawick |
allow operation without any logs configured or without the
log client tool configured
this supports configurations where SCTs are managed by the admin or
by some other infrastructure |
6d051b239b0d87ee1e80e0b53d23dd3c8e7205ff 1589389 |
|
23-Apr-2014 |
trawick |
ensure that the post-config hook runs after that of mod_ssl
(mod_ssl_ct looks for stuff that should have been found
while mod_ssl ran) |
75f5c2db254c0167a0e396254460de09b775d203 1588987 |
|
21-Apr-2014 |
trawick |
Add module mod_ssl_ct, which provides an implementation of Certificate
Transparency (RFC 6962) for httpd.
mod_ssl_ct requires OpenSSL 1.0.2 (in beta) and must be explicitly
enabled via configure.
Note that support/ctauditscts is purposefully not installed; it
does not properly function due to a dependency on a
certificate-transparency open source project tool which itself is
not sufficiently complete at this time. |