summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Add support for Elliptical Curve Cryptography (ECC). This is disabledrcritten2006-03-0212-115/+271
| | | | by default. To enable it, pass --enable-ecc to configure.
* upgraded config.guess and config.sub to 2004-09-07 (same as mod_admserv)nhosoi2006-02-262-457/+726
|
* Checking in automatically generated aclocal.m4 and derived files.nhosoi2006-02-263-1622/+1090
| | | | aclocal-1.6; automake-1.6; autoconf
* [179394] HP-UX IPF/PA-RISC supportnhosoi2006-02-244-1671/+1119
| | | | | | | | updated hppa*64* with hppa2.* in aclocal.m4 to support 64 bit PA_RISC. CAUTION: this file could be automatically updated by "aclocal" command using libtool.m4, which contains the expression: "hppa*64*". But 64 bit PA_RISC generates, this string "build_cpu='hppa2.0w'", which does not match "hppa*64*". So, if aclocal.m4 is updated, hppa*64* needs to be replaced.
* Make configure automatically find the correct versions of apr-config and apxsrmeggins2006-01-314-1881/+2959
|
* [179394] HP-UX IPF supportnhosoi2006-01-301-2331/+13737
| | | | autoconf 2.59/libtool 1.5
* [179394] HP-UX IPF supportnhosoi2006-01-303-3412/+7628
| | | | autoconf 2.59/libtool 1.5
* This file was copied directly from the Apache distribution. Remove thercritten2006-01-041-477/+0
| | | | extra per-module stuff that doesn't apply.
* Changes to allow the mod_nss to work in Apache 2.2.0. Based on a patchrcritten2006-01-0413-797/+1252
| | | | | | | from Oden Eriksson. The conditional to determine which API to use is a bit weak at the moment but it works with Apache 2.0.54 and 2.2.0.
* Fix command-line argument miscounting caused by the addition of thercritten2005-11-181-1/+6
| | | | | | | | FIPS flag. The result was that the database prefix was always missed. Also check the return value of NSS_Initialize() and print and exit if the database is not opened.
* removed empty flavor from specrmeggins2005-11-031-1/+0
|
* had to recreate these on rhel3 because I nuked them on rhel4rmeggins2005-11-034-20089/+5843
|
* added mod_nss.spec and makerpm.shrmeggins2005-11-036-5808/+20322
|
* Add in check to be sure that the same server isn't initialized with SSLrcritten2005-10-281-0/+15
| | | | | | more than once. This avoids a crash during shutdown where the same certificates and keys will try to be released multiple times. This is based on ssl_init_server_check() from mod_ssl.
* Close the proxy model socket so NSS can be shutdown gracefully. Alsorcritten2005-10-111-4/+14
| | | | | correct an error where the PKCS#11 slot isn't closed unless a the certificate key is obtained. This also affected NSS_Shutdown().
* Add support for seeding the NSS Random Number Generator. This addsrcritten2005-10-039-6/+322
| | | | | a new directive, NSSRandomSeed based on the mod_ssl SSLRandomSeed directive.
* Remove a debug msg that was left in on accident.rcritten2005-09-291-2/+0
|
* Add proxy support to mod_nss. Most of the changes are related torcritten2005-09-295-110/+385
| | | | | | adding new configuration directives. For the others we need to initialize an NSS socket differently whether we will be acting as a client or a server.
* force checkin of autoconf filesrmeggins2005-09-260-0/+0
|
* separate with options for include and lib directories - use nspr and nss ↵rmeggins2005-09-262-29/+199
| | | | instead of mozilla-nspr and -nss
* Add missing copyright blockrcritten2005-09-161-0/+14
|
* Adding files required by the Apache 2.0 Licensercritten2005-09-162-0/+695
|
* Make SSL2 an optional protocol, disabled by default.rcritten2005-09-138-625/+1721
|
* Update to reflect changes to the NSSFIPS directivercritten2005-09-081-2/+13
|
* Improve FIPS configuration:rcritten2005-09-081-11/+59
| | | | | | | | | - The NSS ciphers are enumerated to find those that are FIPS approved - This list of approved ciphers is compared to the NSSCipherSuite entry and those enabled, approved ciphers are configured. This way you aren't forced to use all of the FIPS ciphers (in case you don't want a 56-bit cipher enabled). - Only TLSv1 should be enabled.
* Add short example of how to use certutil to generate a certificatercritten2005-09-081-0/+37
| | | | request suitable for submission to a 3rd party CA such as Verisign.
* Add information about how to use built-in CA's via libnssckbi.sorcritten2005-09-061-1/+8
|
* Add OCSP supportrcritten2005-09-065-4/+51
|
* Add a FIPS configuration option. This enables the FIPS internalrcritten2005-08-196-32/+135
| | | | | database module, configures for SSLv3 and TLSv1 and enables the 2 FIPS ciphers (and disables all the others).
* More correct detection of NSS version when determining whether wercritten2005-08-181-3/+1
| | | | | should expect PK11_TokenKeyGenWithFlags(). It hasn't been included as of NSS 3.10.0.
* Also clean up the SSL Session ID Cache when shutting down.rcritten2005-08-041-3/+13
| | | | | | If we are using the forked model, use the MP version of the Session ID cache. Don't call PR_Cleanup(), this could cause problems.
* Properly clean up the SSL environment so NSS can be shut down gracefully.rcritten2005-08-042-4/+32
|
* Changed 2 function names from SSL -> NSS I had missed in earlier cleanuprcritten2005-08-041-2/+2
|
* Added Database Management section.rcritten2005-08-031-9/+150
| | | | Added links to NSS and NSPR
* Add more information related to gencertrcritten2005-08-031-4/+18
| | | | Tell user's where to find more documentation
* Add libsoftokn3.so for nss_pcache.rcritten2005-07-212-2/+2
|
* Clarify things a bit, change directive name to match new naming scheme.rcritten2005-07-201-7/+9
|
* Don't assume that apr-config is in the PATH. Let the user specify whichrcritten2005-07-202-2080/+5902
| | | | one to run, just like with apxs.
* Add in support for older versions of NSS that don't have the functionrcritten2005-07-201-0/+7
| | | | | | PK11_TokenKeyGenWithFlags(). Older versions of NSS will only work with software certificates when using nss_pcache. The workaround is to store the token passwords in a file instead.
* Fix lunasa problem. The key we generate must work for both encryption andrrelyea2005-07-061-2/+2
| | | | | | decryption. By default generate key only returns encryption keys. bob
* Earlier versions of Apache 2.0 (such as on RHEL 3) don't supportrcritten2005-06-291-0/+2
| | | | AP_BUCKET_IS_EOC. Define around it.
* Add NSS database prefix supportrcritten2005-06-296-12/+48
|
* Zero length file for now so autoconf will shut up.rcritten2005-06-071-0/+0
|
* Reflect new Directive naming conventionrcritten2005-06-072-64/+88
|
* Basic documentation on the mod_nss module.rcritten2005-06-031-0/+908
|
* Fix formatting and variable name in error message.rcritten2005-06-031-2/+2
|
* Initialize enforcement of valid certificates to true.rcritten2005-06-031-0/+1
|
* Remove message about co-existing with mod_ssl, that works ok now.rcritten2005-06-032-18/+2
| | | | Also fix nasty typo.
* Changed function and configuration names so mod_nss can peacefullyrcritten2005-05-3123-1142/+1102
| | | | co-exist with mod_ssl.
* Generate gencert so we can set the NSS and NSPR directories and makercritten2005-05-254-11/+66
| | | | | things easier for the user. Also try really, really hard to get the FQDN so we can create a host-specific self-signed certificate.
generated by cgit (git 2.34.1) at 2025-09-25 19:05:31 +0000