aboutsummaryrefslogtreecommitdiffstats
path: root/core
Commit message (Collapse)AuthorAgeFilesLines
* core.portmanager: Simplify and take advantage of new ssl config merging in ↵Kim Alvefur2014-07-031-28/+9
| | | | certmanager
* core.certmanager: Make create_context() support an arbitrary number of ↵Kim Alvefur2014-07-031-3/+6
| | | | option sets, merging all
* core.certmanager: Use util.sslconfigKim Alvefur2014-07-031-71/+14
|
* Merge 0.9->0.10Kim Alvefur2014-05-091-1/+5
|\
| * configmanager: Delay importing LuaFileSystem until needed by an Include lineKim Alvefur2014-05-091-1/+5
| |
* | core.certmanager, core.moduleapi, mod_storage_sql, mod_storage_sql2: Import ↵Kim Alvefur2014-05-092-2/+3
| | | | | | | | from util.paths
* | core.configmanager: Move path utility functions into util.pathsKim Alvefur2014-05-091-35/+4
| |
* | certmanager: Move ssl.protocol handling to after ssl.options is a table ↵Kim Alvefur2014-04-211-8/+9
| | | | | | | | (thanks Ralph)
* | certmanager: Fix traceback if no global 'ssl' section set (thanks albert)Kim Alvefur2014-04-201-1/+3
| |
* | certmanager: Update ssl_compression when config is reloadedKim Alvefur2014-04-151-0/+3
| |
* | certmanager: Reformat core ssl defaultsKim Alvefur2014-04-151-9/+9
| |
* | certmanager: Support ssl.protocol syntax like "tlsv1+" that disables older ↵Kim Alvefur2014-04-151-2/+13
| | | | | | | | protocols
* | certmanager: Merge ssl.options, verify etc from core defaults and global ssl ↵Kim Alvefur2014-04-151-0/+29
| | | | | | | | settings with inheritance while allowing options to be disabled per virtualhost
* | certmanager: Wrap long line and add commentKim Alvefur2014-04-141-1/+5
| |
* | certmanager: Concatenate cipher list if given as a tableKim Alvefur2014-04-141-0/+6
| |
* | certmanager: Allow non-server contexts to be without certificate and keyKim Alvefur2014-04-141-2/+4
| |
* | certmanager: Check for non-nil values instead of true-ish values, allows ↵Kim Alvefur2014-04-141-2/+3
| | | | | | | | removing defaults
* | Merge 0.9->0.10Matthew Wild2014-04-0213-132/+150
|\ \ | |/ |/|
| * Merge 0.9->0.10Kim Alvefur2014-03-251-1/+1
| |\
| * | modulemanager: Always load a platform-specific module, add stub modules for ↵Kim Alvefur2014-01-261-1/+1
| | | | | | | | | | | | Windows and unknown platforms
| * | Merge 0.9->0.10Matthew Wild2013-11-211-1/+1
| |\ \
| * \ \ Merge 0.9->0.10Matthew Wild2013-11-101-1/+1
| |\ \ \
| * \ \ \ Merge 0.9->0.10Matthew Wild2013-11-091-1/+1
| |\ \ \ \
| * \ \ \ \ Merge 0.9 -> 0.10Kim Alvefur2013-10-311-1/+1
| |\ \ \ \ \
| * | | | | | certmanager: Fix. Again.Kim Alvefur2013-10-151-2/+2
| | | | | | |
| * | | | | | certmanager: Add back single_dh_use and single_ecdh_use to default options ↵Kim Alvefur2013-10-151-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | (Zash breaks, Zash unbreaks)
| * | | | | | moduleapi: Add module:unhook()Matthew Wild2013-09-161-0/+4
| | | | | | |
| * | | | | | certmanager: Allow for specifying the dhparam option as a path to a file ↵Kim Alvefur2013-09-031-2/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of a callback
| * | | | | | Merge 0.9->trunkMatthew Wild2013-09-031-1/+1
| |\ \ \ \ \ \
| * | | | | | | usermanager: Remove unused import of pairs()Matthew Wild2013-08-131-1/+0
| | | | | | | |
| * | | | | | | Remove all trailing whitespaceFlorian Zeitz2013-08-0913-86/+86
| | | | | | | |
| * | | | | | | moduleapi: module:get_host_type() now returns 'global' for * and 'local' for ↵Matthew Wild2013-08-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | non-components
| * | | | | | | rostermanager, mod_groups: Change roster-load event to pass an event table ↵Matthew Wild2013-07-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | for consistency
| * | | | | | | Merge 0.9->trunkMatthew Wild2013-07-131-0/+1
| |\ \ \ \ \ \ \
| * | | | | | | | certmanager: Overhaul of how ssl configs are built.Kim Alvefur2013-06-131-38/+45
| | | | | | | | |
| * | | | | | | | Merge 0.9->trunkMatthew Wild2013-06-131-0/+5
| |\ \ \ \ \ \ \ \
| * \ \ \ \ \ \ \ \ Merge 0.9->trunkMatthew Wild2013-06-131-1/+1
| |\ \ \ \ \ \ \ \ \
| * \ \ \ \ \ \ \ \ \ Merge 0.9->trunkMatthew Wild2013-06-111-0/+2
| |\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | certmanager: Complain if key or certificate is missing from SSL config.Kim Alvefur2013-06-071-0/+2
| | | | | | | | | | | |
* | | | | | | | | | | | portmanager: Make maximum read size configurable, and default to 4KBMatthew Wild2014-03-301-1/+3
| |_|_|_|_|_|_|_|_|_|/ |/| | | | | | | | | |
* | | | | | | | | | | modulemanager: Load mod_saslauth on components by defaultKim Alvefur2014-03-221-1/+1
| |_|_|_|_|_|_|_|_|/ |/| | | | | | | | |
* | | | | | | | | | certmanager: Further cipher string tweaking. Re-enable ciphers required for ↵Matthew Wild2013-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DSA and ECDH certs/keys.
* | | | | | | | | | Back out 1b0ac7950129, as SSLv3 appears to still be in moderate use on the ↵Matthew Wild2013-11-121-1/+1
| |_|_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | network. Also, although obsolete, SSLv3 isn't documented to have any weaknesses that TLS 1.0 (the most common version used today) doesn't also have. Get your act together clients!
* | | | | | | | | certmanager: Update default cipher string to prefer forward-secrecy over ↵Matthew Wild2013-11-101-1/+1
| |_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | cipher strength and to disable triple-DES (weaker and much slower than AES)
* | | | | | | | certmanager: Fix order of options, so that the dynamic option is at the end ↵Matthew Wild2013-11-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | of the array
* | | | | | | | certmanager: Default to using the server's cipher preference order by ↵Matthew Wild2013-11-091-1/+1
| |_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | default, as clients have been shown to commonly select weak and insecure ciphers even when they support stronger ones
* | | | | | | certmanager: Disable SSLv3 by defaultKim Alvefur2013-10-311-1/+1
| | | | | | |
* | | | | | | certmanager: Fix dhparam callback, missing imports (Testing, pfft)Kim Alvefur2013-09-031-3/+5
| | | | | | |
* | | | | | | certmanager: Allow for specifying the dhparam option as a path to a file ↵Kim Alvefur2013-09-031-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of a callback
* | | | | | | certmanager: Fix for working around a bug with LuaSec 0.4.1 that causes it ↵Matthew Wild2013-09-031-4/+4
| |_|_|_|_|/ |/| | | | | | | | | | | | | | | | | to not honour the 'ciphers' option. This change will apply 0.9's default cipher string for LuaSec 0.4.1 users.