From 492fb2ffe2541b0de30997ee188d0bc8c868f18d Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 22 May 2008 18:58:04 +0200 Subject: changed config directive name to reflect different use $ActionSendStreamDriverCertFingerprint is now $ActionSendStreamDriverPermittedPeer and can be used both for fingerprint and name authentication (similar to the input side) --- ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index cc599b52..032d7b29 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +- implemented x509/certvalid gtls auth mode +- implemented x509/name gtls auth mode +- changed config directive name to reflect different use + $ActionSendStreamDriverCertFingerprint is now + $ActionSendStreamDriverPermittedPeer and can be used both for + fingerprint and name authentication (similar to the input side) --------------------------------------------------------------------------- Version 3.19.3 (rgerhards), 2008-05-?? - added ability to authenticate the server against its certificate -- cgit From b674dd69bd35ee4da511ae73e70946ce4040b439 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 26 May 2008 12:53:49 +0200 Subject: added gtls name authentication based on common name (inside DN) also changed fingerprint gtls auth mode to new format fingerprint --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 032d7b29..4a65e0c5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ - implemented x509/certvalid gtls auth mode - implemented x509/name gtls auth mode +- changed fingerprint gtls auth mode to new format fingerprint - changed config directive name to reflect different use $ActionSendStreamDriverCertFingerprint is now $ActionSendStreamDriverPermittedPeer and can be used both for -- cgit From 331a6442021405ecc0704fc11adb42178c917e67 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 26 May 2008 15:49:32 +0200 Subject: protected gtls error string function by a mutex. Without it, we could have a race condition in extreme cases. This was very remote, but now can no longer happen. --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 4a65e0c5..6691ac70 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,9 @@ - implemented x509/certvalid gtls auth mode - implemented x509/name gtls auth mode - changed fingerprint gtls auth mode to new format fingerprint +- protected gtls error string function by a mutex. Without it, we + could have a race condition in extreme cases. This was very remote, + but now can no longer happen. - changed config directive name to reflect different use $ActionSendStreamDriverCertFingerprint is now $ActionSendStreamDriverPermittedPeer and can be used both for -- cgit