summaryrefslogtreecommitdiff
path: root/usr.sbin/httpd/server.c
AgeCommit message (Expand)Author
2018-05-19Add support for client certificate authentication to httpd.Joel Sing
2017-11-29Don't do OCSP stapling only if the staple file is 0 length.Bob Beck
2017-11-28Disable oscp stapling on invalid staple, rather than failing to start.Bob Beck
2017-08-11Convert httpd to tls_config_set_ecdhecurves(), allowing a list of curvesJoel Sing
2017-07-19Rework the way that TLS configuration is sent/received via imsgs, so thatJoel Sing
2017-04-17some freezero() callsTheo de Raadt
2017-03-25Implement TLS ticket support in httpd. Off by default. UseClaudio Jeker
2017-02-07/tmp/cvsspEkokReyk Floeter
2017-02-02Fix support for HTTP pipelining by handling all requests in the buffer.Reyk Floeter
2017-01-31remove extra call setting OCSP staple now that it is done aboveBob Beck
2017-01-31Correct mistake I made when converting this to new funcitonBob Beck
2017-01-31Add tls_config_[add|set]keypair_ocsp functions so that ocsp staples may beBob Beck
2017-01-31Do not set EVBUFFER_EOF on read/write errors and handle EOF correctly.Reyk Floeter
2017-01-09Stop accessing verbose and debug variables from log.c directly.Reyk Floeter
2016-11-17Check the return value of tls_config_set_protocols(), now that it returnsJoel Sing
2016-11-17Move OCSP loading into a separate function - it is not part of the keypairJoel Sing
2016-11-10Fix tcp ip ttl / minttl on IPv6 sockets.Jeremie Courreges-Anglas
2016-11-06conditionalize ocsp load properlyBob Beck
2016-11-06Add OCSP stapling support to httpdBob Beck
2016-08-30Kill (remove) the ps_pid from privsep struct since it is not being usedRafael Zalamena
2016-08-27Kill p_instance from proc.c and remove static proc_id unused variables.Rafael Zalamena
2016-08-26Replace the static env variables with a single global variable.Rafael Zalamena
2016-08-22Enable SNI support in httpd(8).Joel Sing
2016-08-16stop including sys/param.h for nitems. define locally as needed.Ted Unangst
2016-08-16Turn "TLS handshake failed -" log message into a debug message - itReyk Floeter
2016-08-16Rename server_handshake_tls() to server_tls_handshake() to align withReyk Floeter
2016-08-15Move server_match() from parse.y to server.c; use env instead of conf,Joel Sing
2016-08-15Use lowercase 'tls' in debug and log messages for consistency.Joel Sing
2016-08-15Make httpd stricter with respect to TLS configuration - in particular, doJoel Sing
2016-04-28Include the TLS configuration errors in log messages. Also set theJoel Sing
2016-04-19Use log_warnx() instead of log_warn() when the failure will not haveJoel Sing
2015-12-02sync with relayd, use proc_compose()Reyk Floeter
2015-11-23Retire socket_set_blockmode() in favor of the SOCK_NONBLOCK type flag.Reyk Floeter
2015-11-05pledge(2) for httpd.Florian Obser
2015-09-11Fix server_handshake_tls() - we should only call server_input() in the caseJoel Sing
2015-09-10fix return type for tls_read/writeBob Beck
2015-09-10fix after libtls api changesBob Beck
2015-09-10Update httpd to call tls_handshake() after tls_accept_socket().Joel Sing
2015-09-07Fix a regression that was introduced with server.c r1.64: Do NOT freeReyk Floeter
2015-08-20Change httpd(8) to use C99-style fixed-width integers (uintN_t insteadReyk Floeter
2015-08-03Fix rev 1.70 of server.c by only re-enabling the bufferevent if weFlorian Obser
2015-07-29backout the previous: it broke wordpress somehow.Reyk Floeter
2015-07-29Read fcgi response records until we have the whole http header and canFlorian Obser
2015-07-18libtls has been changed to set SSL_MODE_ENABLE_PARTIAL_WRITE andReyk Floeter
2015-07-16If we can read faster from disk than send data to the client stopFlorian Obser
2015-07-15Escape the message in server_log() as well.Reyk Floeter
2015-07-15Close connections that fail to complete a TLS handshake.Joel Sing
2015-07-15Fix typo in comment.Joel Sing
2015-07-15Send the TLS certificate and key via separate imsgs, rather thanJoel Sing
2015-07-15Explicitly check for and handle EOF on a TLS connection.Joel Sing