Mon, 16 Nov 2015 18:03:41 +0100 |
Kim Alvefur |
mod_s2s_auth_dane: Consider TLSA records with PKIX uses as supported (if enabled) even if the chain is invalid (if no match is found the session is considered insecure)
|
Thu, 05 Nov 2015 15:38:31 +0100 |
Kim Alvefur |
mod_s2s_auth_dane: Consider the current certificate chain status before checking PKIX-{EE,CA} TLSA records
|
Thu, 05 Nov 2015 14:10:11 +0100 |
Kim Alvefur |
mod_s2s_auth_dane: Support servers without SRV records by falling back to port 5269 and the bare hostname for TLSA lookups
|
Thu, 21 May 2015 11:14:16 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Ignore mutating of the 'module' global, that is ok in prosody plugins [luacheck]
|
Thu, 21 May 2015 10:28:02 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Validate names of DANE-TA certs
|
Wed, 06 May 2015 00:53:27 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Simplify cases where there are only one SRV record
|
Wed, 06 May 2015 00:51:46 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Don't count number of RRs in DNS reply if the DNS lib already did
|
Mon, 13 Apr 2015 13:36:38 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Abort earlier for sessions from hosts that don't say who they are
|
Mon, 13 Apr 2015 13:35:37 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Demote log message about failure to ASCII-ify hostname from error to warning
|
Tue, 07 Apr 2015 17:35:20 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Cleanup [luacheck]
|
Tue, 31 Mar 2015 20:57:34 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Update for recent changes in Zashs LuaSec branch
|
Mon, 16 Mar 2015 16:19:53 +0100 |
Kim Alvefur |
mod_s2s_auth_dane: Comments and cleanup
|
Tue, 16 Sep 2014 19:55:54 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Include hostname when logging a failure
|
Tue, 16 Sep 2014 19:53:41 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Fix stringprepping when doing "DANE Light"
|
Sun, 14 Sep 2014 18:52:54 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Fix traceback caused by LuaSec not being loaded
|
Sun, 15 Jun 2014 02:40:18 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Tweak log messages
|
Fri, 13 Jun 2014 02:19:52 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Add some more info to log messages
|
Thu, 12 Jun 2014 12:31:50 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Pause connection only if needed
|
Thu, 12 Jun 2014 12:30:39 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Return if no certificate found
|
Wed, 11 Jun 2014 12:50:57 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Cache logger to save some table lookups and improve readability
|
Mon, 19 May 2014 17:00:12 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Fix potential traceback in logging if SRV target fails nameprep
|
Mon, 19 May 2014 16:28:43 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Unreference DNS lookup when reply arrives (thanks LordVan)
|
Thu, 15 May 2014 11:12:31 +0200 |
Kim Alvefur |
Backout 33f132c3f4b7 until 0.10
|
Thu, 08 May 2014 15:43:58 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Fix traceback if session.srv_hosts is nil
|
Wed, 07 May 2014 17:08:47 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Change how TLSA support is detected
|
Wed, 07 May 2014 17:07:10 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Fix logic precedence issue
|
Sun, 27 Apr 2014 01:43:43 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Add support for DANE-TA and PKIX-CA (requires LuaSec changes)
|
Sun, 27 Apr 2014 01:40:20 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Use PEM to DER function from util.x509 (0.10+)
|
Sun, 27 Apr 2014 01:24:03 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Launch DANE queries when sending or receiving stream-features instead of monkeypatching s2sout.lib
|
Thu, 24 Apr 2014 18:34:10 +0200 |
Kim Alvefur |
mod_s2s_auth_dane: Clean up no longer needed DNS replies
|