Shelikhoo
e98865a205
amend certificate removal message
2021-06-04 20:07:27 +01:00
Bhoppi Chaw
6d9c463b60
Fix: new cert issuing is incorrectly delayed ( #998 )
...
* fix new cert issuing is incorrectly delayed
* apply lint
* revert cert duration & write cert issue/revoke info into log
* apply lint
Co-authored-by: Bhoppi Chaw <bhoppi#outlook,com>
2021-06-04 19:55:30 +01:00
Loyalsoldier
6f8979d017
Style: format code by gofumpt ( #1022 )
2021-05-20 05:28:52 +08:00
Shelikhoo
ebb720804d
refactored cert pin
2021-04-15 20:02:48 +01:00
Shelikhoo
92b845a45b
added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb
2021-04-15 19:01:55 +01:00
Shelikhoo
34a3850f16
publish cert chain hash generation algorithm
2021-04-15 18:17:52 +01:00
Shelikhoo
59472de6a9
verify peer cert function for better man in the middle prevention
2021-04-15 18:16:19 +01:00
Loyalsoldier
f94dd11a8c
Chore: change module name ( #677 )
2021-02-17 04:31:50 +08:00
RPRX
a58bfc4ba4
SessionTicketsDisabled: false -> true
2021-01-01 11:25:04 +00:00
RPRX
4d2e782fbe
Disable session resumption by default ( #569 )
2021-01-01 17:01:14 +08:00
Loyalsoldier
b68f943c78
Fix lint according to golangci-lint ( #439 )
2020-11-22 05:05:01 +08:00
loyalsoldier
784775f689
Refine code according to golangci-lint results
2020-10-11 19:22:46 +08:00
Darhwa
8e791e92bc
Further strip unique signatures of tls handshake
...
1. allow users to disable session ticket
2. set default alpn to ["h2", "http/1.1"]
2020-06-18 11:32:37 +08:00
vcptr
524b2aca56
let crypto/tls choose the proper ciphers
2020-05-31 11:25:56 +08:00
vcptr
e62e6608e1
tls use crypto std cipher suites
2020-05-31 11:25:50 +08:00
Kirill Motkov
0401a91ef4
Some code improvements
...
* Rewrite empty string checks more idiomatically.
* Change strings.ToLower comparisons to strings.EqualFold.
* Rewrite switch statement with only one case as if.
2019-06-28 17:53:44 +03:00
Kslr
c5635f9507
sync fly, enable tls 1.3
2019-05-17 17:54:04 +08:00
Darien Raymond
974b488ab0
add support for not loading system roots. fixes #1513
2019-02-26 21:58:54 +01:00
Darien Raymond
c5cce8be6f
fix server name parsing
2019-02-19 13:05:36 +01:00
Darien Raymond
c072d38e2c
refine tls connection
2019-02-17 00:58:02 +01:00
Darien Raymond
1ab94fed79
optimize v2ctl size
2019-02-01 20:08:21 +01:00
Darien Raymond
5279296f03
remove use of context.WithValue in transport
2018-11-21 14:54:40 +01:00
Darien Raymond
682b28cbda
fix tls.AllowInsecureCiphers
2018-09-10 23:55:54 +02:00
Darien Raymond
b3847fb7c0
MemoryStreamSettings
2018-09-07 14:50:25 +02:00
Darien Raymond
896db7c50c
offer an option to disable session resumption
2018-07-24 15:12:09 +02:00
Darien Raymond
9a9b6f9077
fix concurrent access to tls config
2018-07-14 00:21:58 +02:00
Darien Raymond
9321210bcf
settings for allowing insecure cipher suites.
2018-05-27 18:52:08 +02:00
Darien Raymond
10d7ed2e83
fix expired cert check
2018-04-18 11:45:49 +02:00
Darien Raymond
a657ec49a0
comments
2018-04-17 23:33:39 +02:00
Darien Raymond
da0568d8d0
refine cert generation
2018-04-14 13:28:57 +02:00
Darien Raymond
abee8bddf3
only try issuing new certificate when user provide custom CA
2018-04-14 13:12:50 +02:00
Darien Raymond
ccafce3c9b
disable system roots for windows
2018-04-13 10:01:10 +02:00
Darien Raymond
044c641d7b
test case for tls certs
2018-04-10 23:02:47 +02:00
Darien Raymond
318a36fe58
automatic issuing certificates from provided CA
2018-04-10 12:42:02 +02:00
Darien Raymond
d207d953bd
h2 transport
2018-03-01 13:16:52 +01:00
Darien Raymond
bdab1af29a
update tls config generation
2018-02-28 15:15:22 +01:00
Darien Raymond
30f27706e0
Use 'h2' for ALPN in TCP
2018-01-02 18:16:36 +01:00
Darien Raymond
f4c35db968
merge log into common log
2017-12-19 21:28:12 +01:00
Darien Raymond
048ffbc7dc
simplify tls config
2017-12-17 00:53:17 +01:00
Darien Raymond
af88016320
fix #643
2017-10-26 11:43:02 +02:00
Darien Raymond
68bc9ea8e4
cleanup error messages
2017-04-09 15:04:04 +02:00
Darien Raymond
35248497d2
refactor error messages
2017-04-09 01:43:25 +02:00
Darien Raymond
75f5cb9afb
refactor log and error
2017-04-06 21:13:17 +02:00
Darien Raymond
f046f334cd
move common/log to app/log
2017-02-01 21:35:40 +01:00
Darien Raymond
2a52ae9e96
default next protos
2016-12-31 23:22:26 +01:00
Darien Raymond
3cc0783d9c
fix test break
2016-12-30 23:30:35 +01:00
Darien Raymond
a44d556667
test case for tls connection
2016-12-30 23:12:00 +01:00
Darien Raymond
a11d2ce9d6
support server name override
2016-12-11 23:58:37 +01:00
Darien Raymond
f95c322677
rename 'this'
2016-11-27 21:39:09 +01:00
Darien Raymond
1d13f47f9c
protobuf for stream settings
2016-10-02 23:43:58 +02:00