Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Update copyright | Jon Bratseth | 2023-10-09 | 1 | -1/+1 |
| | |||||
* | Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s' | Bjørn Christian Seime | 2022-07-20 | 1 | -0/+2 |
| | |||||
* | Merge Java package 'c.y.s.tls.{auth,json,policy}' into 'c.y.s.tls' | Bjørn Christian Seime | 2022-07-20 | 1 | -1/+0 |
| | | | | Facilitate improved encapsulation of Vespa mTLS related classes | ||||
* | Always run PeerAutorizer | Bjørn Christian Seime | 2022-07-15 | 1 | -5/+2 |
| | | | | | Interpret empty AuthorizedPeers as granting all capabilities unconditionally. Assume AuthorizedPeers as always present. | ||||
* | Update 2018 copyright notices. | gjoranv | 2021-10-07 | 1 | -1/+1 |
| | |||||
* | Remove com.yahoo.vespa.jdk8compat | Bjørn Christian Seime | 2021-03-10 | 1 | -4/+7 |
| | | | | These types are often accidentally imported, and the JDK8 replacement is typically a one-liner. | ||||
* | Make TLS protocol version configurable in TLS config file | Bjørn Christian Seime | 2021-02-24 | 1 | -1/+3 |
| | | | | | Only protocols listed in allowlist can be configured. TLSv1.2 is the only supported version at the moment, but TLSv1.3 will most likely be included in the future. | ||||
* | Use a single, shared TlsContext instance | Bjørn Christian Seime | 2021-01-14 | 1 | -15/+9 |
| | | | | | The configuration is based on environment variables, which are effectively fixed through the life of the JVM instance. This simplifaction removes the need for complex cleanup logic based on manual reference counting and weak references. | ||||
* | Revert "Use a single reloader per tls config file, and not one per instance." | Bjørn Christian Seime | 2021-01-14 | 1 | -23/+135 |
| | | | | This reverts commit c58415566e23dcac5f0daa352f39f567a4d7b44f. | ||||
* | Revert "Use reference counting to avoid relying on GC to drop threads." | Bjørn Christian Seime | 2021-01-14 | 1 | -19/+6 |
| | | | | This reverts commit 1c6c89eb52ac80c583c0cd90efdd0784344af434. | ||||
* | Use reference counting to avoid relying on GC to drop threads. | Henning Baldersheim | 2020-04-23 | 1 | -6/+19 |
| | |||||
* | Use a single reloader per tls config file, and not one per instance. | Henning Baldersheim | 2020-04-23 | 1 | -135/+23 |
| | |||||
* | Override hostname verification in PeerAuthorizerTrustManager | Bjørn Christian Seime | 2020-02-17 | 1 | -3/+3 |
| | | | | | Override hostname verification on client-side. Remove overriding of hostname verification for server-side. | ||||
* | Use 'withTrustManager' in ConfigFileBasedTlsContext | Bjørn Christian Seime | 2020-02-17 | 1 | -5/+5 |
| | |||||
* | Use JDK8 as build target for security-utils | Bjørn Christian Seime | 2019-12-02 | 1 | -4/+4 |
| | |||||
* | Add additional constructor for custom peer authentication mode | Bjørn Christian Seime | 2019-09-13 | 1 | -3/+12 |
| | |||||
* | Fix typo in class name | Bjørn Christian Seime | 2019-07-04 | 1 | -0/+185 |