| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Remove TlsAwareHttpClientBuilder | Bjørn Christian Seime | 2019-04-08 | 4 | -310/+0 |
| | | |||||
| * | Remove VespaHttpClientBuilder from security-utils | Bjørn Christian Seime | 2019-04-08 | 1 | -109/+0 |
| | | |||||
| * | Revert "Bjorncs/http utils" | Håkon Hallingstad | 2019-04-08 | 1 | -0/+109 |
| | | |||||
| * | Remove VespaHttpClientBuilder from security-utils | Bjørn Christian Seime | 2019-04-05 | 1 | -109/+0 |
| | | |||||
| * | Revert "Remove TlsAwareHttpClientBuilder" | Bjørn Christian Seime | 2019-04-05 | 4 | -0/+310 |
| | | | | | This reverts commit e962344ba28b9f84028a129a24c92b40fdc076b8. | ||||
| * | Export package 'com.yahoo.security.tls.https' | Bjørn Christian Seime | 2019-04-04 | 1 | -0/+8 |
| | | |||||
| * | Use URIBuilder | Bjørn Christian Seime | 2019-04-03 | 1 | -1/+2 |
| | | |||||
| * | Remove TlsAwareHttpClientBuilder | Bjørn Christian Seime | 2019-04-03 | 5 | -318/+0 |
| | | |||||
| * | Add VespaHttpClientBuilder based on apache httpclient | Bjørn Christian Seime | 2019-04-03 | 1 | -0/+108 |
| | | |||||
| * | Stop reload task when there are no external references to the managers | Bjørn Christian Seime | 2019-03-01 | 1 | -18/+56 |
| | | | | | | The reload task will shut down the executor service when the GC has determined that there are no other references to the key/trust manager. | ||||
| * | Add utility method to construct http client | Bjørn Christian Seime | 2019-02-25 | 1 | -0/+9 |
| | | |||||
| * | Add withCertificateEntries() to KeyStoreBuilder | Bjørn Christian Seime | 2019-02-25 | 2 | -14/+7 |
| | | |||||
| * | Add utility method to construct tls context | Bjørn Christian Seime | 2019-02-25 | 1 | -0/+5 |
| | | |||||
| * | Add constructor without tls context parameter | Bjørn Christian Seime | 2019-02-25 | 1 | -3/+7 |
| | | |||||
| * | User agent must be specified | Bjørn Christian Seime | 2019-02-25 | 1 | -4/+0 |
| | | |||||
| * | Merge pull request #8572 from vespa-engine/bjorncs/jdisc-mixed-mode | Bjørn Christian Seime | 2019-02-25 | 4 | -29/+42 |
| |\ | | | | | Bjorncs/jdisc mixed mode | ||||
| | * | Override default hostname verification in PeerAuthorizerTrustManager | Bjørn Christian Seime | 2019-02-22 | 4 | -29/+42 |
| | | | | | | | | | | | Ensure that the default hostname verification is not applied for the Vespa TLS certificates. Use the custom trust manager even when no authorized peers rules are present. | ||||
| * | | Introduce http client that follows Vespa TLS config | Bjørn Christian Seime | 2019-02-21 | 4 | -0/+309 |
| |/ | |||||
| * | Fix spelling errors | Bjørn Christian Seime | 2019-02-19 | 2 | -2/+2 |
| | | |||||
| * | Misc changes to TlsContext and its implementations | Bjørn Christian Seime | 2019-02-19 | 3 | -49/+147 |
| | | | | | | | | | - Add methods to retrieve underlying SSLContext and SSLParameters - Add createSslEngine() overload with peer host and port - Remove constructor DefaultTlsContext constructor taking path to config file. - Resolve valid ciphers and protcols in constructor. - Use mutual x509 key/trust manager in ReloadingTlsContext | ||||
| * | Add withKeyManagerFactory() to specify custom key manager | Bjørn Christian Seime | 2019-02-19 | 2 | -24/+6 |
| | | | | | | | | - Introduce an interface for key manager factory. - Change SslContextBuilder to call trust/key manager factory even when no truststore/keystore has been specified. - Change trust manager factory to be specific for x509. - Use TrustManagerUtils/KeyManagerUtil to construct default managers. | ||||
| * | Require client auth for ssl engines constructed by DefaultTlsContext | Bjørn Christian Seime | 2019-02-19 | 1 | -0/+1 |
| | | |||||
| * | Add mutable x509 trust manager | Bjørn Christian Seime | 2019-02-19 | 1 | -0/+70 |
| | | | | | Add a x509 trust manager where certificates can be updated while the manager is in use. | ||||
| * | Add x509 key manager that regularly updates cert chain from PEM files | Bjørn Christian Seime | 2019-02-19 | 1 | -0/+150 |
| | | |||||
| * | Add mutable x509 key manager | Bjørn Christian Seime | 2019-02-19 | 1 | -0/+106 |
| | | | | | | Add a x509 key manager where certificates can be updated while the manager is in use. | ||||
| * | Add utility classes for constructing default x509 trust/key manager | Bjørn Christian Seime | 2019-02-19 | 2 | -0/+99 |
| | | |||||
| * | Revert "Bjorncs/jdisc mixed mode preparations" | Arnstein Ressem | 2019-02-18 | 10 | -578/+72 |
| | | |||||
| * | Fix spelling errors | Bjørn Christian Seime | 2019-02-18 | 2 | -2/+2 |
| | | |||||
| * | Misc changes to TlsContext and its implementations | Bjørn Christian Seime | 2019-02-14 | 3 | -49/+147 |
| | | | | | | | | | - Add methods to retrieve underlying SSLContext and SSLParameters - Add createSslEngine() overload with peer host and port - Remove constructor DefaultTlsContext constructor taking path to config file. - Resolve valid ciphers and protcols in constructor. - Use mutual x509 key/trust manager in ReloadingTlsContext | ||||
| * | Add withKeyManagerFactory() to specify custom key manager | Bjørn Christian Seime | 2019-02-14 | 2 | -24/+6 |
| | | | | | | | | - Introduce an interface for key manager factory. - Change SslContextBuilder to call trust/key manager factory even when no truststore/keystore has been specified. - Change trust manager factory to be specific for x509. - Use TrustManagerUtils/KeyManagerUtil to construct default managers. | ||||
| * | Require client auth for ssl engines constructed by DefaultTlsContext | Bjørn Christian Seime | 2019-02-14 | 1 | -0/+1 |
| | | |||||
| * | Add mutable x509 trust manager | Bjørn Christian Seime | 2019-02-14 | 1 | -0/+70 |
| | | | | | Add a x509 trust manager where certificates can be updated while the manager is in use. | ||||
| * | Add x509 key manager that regularly updates cert chain from PEM files | Bjørn Christian Seime | 2019-02-14 | 1 | -0/+150 |
| | | |||||
| * | Add mutable x509 key manager | Bjørn Christian Seime | 2019-02-14 | 1 | -0/+106 |
| | | | | | | Add a x509 key manager where certificates can be updated while the manager is in use. | ||||
| * | Add utility classes for constructing default x509 trust/key manager | Bjørn Christian Seime | 2019-02-14 | 2 | -0/+99 |
| | | |||||
| * | Fix typo | Bjørn Christian Seime | 2019-02-01 | 1 | -1/+1 |
| | | |||||
| * | Restrict enabled protocols | Bjørn Christian Seime | 2019-02-01 | 1 | -0/+16 |
| | | |||||
| * | Allow configuration of accepted ciphers | Bjørn Christian Seime | 2019-01-23 | 4 | -10/+41 |
| | | |||||
| * | Add TLSv1.3 cipher suites to whitelist | Bjørn Christian Seime | 2019-01-23 | 1 | -1/+4 |
| | | |||||
| * | Change access modifier to 'public' for 'fromConfigValue()' | Bjørn Christian Seime | 2019-01-15 | 2 | -2/+2 |
| | | |||||
| * | Return default values when env vars are not present | Bjørn Christian Seime | 2019-01-15 | 1 | -10/+6 |
| | | |||||
| * | Define default value for tls authorization mode | Bjørn Christian Seime | 2019-01-15 | 1 | -0/+8 |
| | | |||||
| * | Add 'tls_client_tls_server' as tls mixed mode option | Bjørn Christian Seime | 2019-01-15 | 1 | -1/+9 |
| | | | | | Also introduce default value for mixed mode. | ||||
| * | Store authorization result in TlsCryptoSocket | Bjørn Christian Seime | 2019-01-08 | 1 | -0/+9 |
| | | |||||
| * | Change LOG_ONLY config value from 'log-only' to 'log_only' | Bjørn Christian Seime | 2018-12-10 | 1 | -1/+1 |
| | | |||||
| * | Fix spelling error ('suits' -> 'suites') | Bjørn Christian Seime | 2018-12-05 | 1 | -7/+7 |
| | | |||||
| * | Remove whitelisting of AES-CBC ciphers | Bjørn Christian Seime | 2018-12-05 | 1 | -5/+1 |
| | | |||||
| * | Use AuthorizationMode to configure behaviour of PeerAuthorizerTrustManager | Bjørn Christian Seime | 2018-12-05 | 5 | -26/+29 |
| | | |||||
| * | Add AutorizationMode | Bjørn Christian Seime | 2018-12-05 | 1 | -0/+30 |
| | | |||||
| * | Move MixedMode to separate class | Bjørn Christian Seime | 2018-12-05 | 2 | -23/+29 |
| | | |||||
 |
index : vespa | |
| An engine for low-latency computation over large data sets |
| summaryrefslogtreecommitdiffstats |