aboutsummaryrefslogtreecommitdiffstats
path: root/security-utils/src/main/java/com/yahoo/security/tls
Commit message (Expand)AuthorAgeFilesLines
* Implement RequireCapabilitiesFilter in jrt + miscBjørn Christian Seime2022-07-203-8/+9
* Add to-string helper to ConnectionAuthContextBjørn Christian Seime2022-07-201-1/+38
* Simplify type definition for subject alternative namesBjørn Christian Seime2022-07-201-4/+4
* Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s'Bjørn Christian Seime2022-07-208-482/+3
* Merge Java package 'c.y.s.tls.{auth,json,policy}' into 'c.y.s.tls'Bjørn Christian Seime2022-07-2019-66/+20
* Remove empty packageBjørn Christian Seime2022-07-201-8/+0
* Add 'CapabilitySet.has()' methodsBjørn Christian Seime2022-07-201-0/+3
* Add environment variable for capabilities enforcement modeBjørn Christian Seime2022-07-202-0/+33
* Rename method/variable names to match new class nameBjørn Christian Seime2022-07-191-1/+1
* Include mode in log messageBjørn Christian Seime2022-07-151-3/+4
* Rename 'toCapabilityNames()' to 'toNames()'Bjørn Christian Seime2022-07-152-2/+2
* Always run PeerAutorizerBjørn Christian Seime2022-07-159-45/+44
* Rename 'hasAllCapabilities()' => 'hasAll()'Bjørn Christian Seime2022-07-152-2/+2
* Change type from SortedSet to SetBjørn Christian Seime2022-07-152-7/+4
* Rename 'succeeded' => 'authorized'Bjørn Christian Seime2022-07-152-2/+2
* Include full certificate chain in auth contextBjørn Christian Seime2022-07-153-15/+26
* Return granted capabilities from PeerAuthorizerBjørn Christian Seime2022-07-155-53/+46
* Add Capability and CapabilitySet including JSON serializationBjørn Christian Seime2022-07-135-4/+147
* Convert POJOs to recordBjørn Christian Seime2022-07-132-79/+9
* Remove 'role' concept from 'authorized-peers'Bjørn Christian Seime2022-07-116-86/+9
* Disable '?' as single char wildcard for URI matchingBjørn Christian Seime2021-12-093-6/+6
* Support glob pattern for URIs with '/' as boundaryBjørn Christian Seime2021-12-022-15/+11
* Add glob pattern helper that handles multiple alternative boundariesBjørn Christian Seime2021-12-022-35/+89
* Disable ciphers that are only supported by some JDK-11 versionsBjørn Christian Seime2021-11-091-4/+5
* Update 2020 Oath copyrights.gjoranv2021-10-271-1/+1
* Update 2019 Oath copyrights.gjoranv2021-10-277-7/+7
* Update Verizon Media copyright notices.gjoranv2021-10-072-2/+2
* Update 2018 copyright notices.gjoranv2021-10-0721-21/+21
* Remove com.yahoo.vespa.jdk8compatBjørn Christian Seime2021-03-106-13/+21
* Make TLS protocol version configurable in TLS config fileBjørn Christian Seime2021-02-245-10/+44
* Disable TLSV1.3Bjørn Christian Seime2021-02-241-1/+2
* Allow TLSv1.3Bjørn Christian Seime2021-02-181-1/+1
* Use singleton already present.Henning Baldersheim2021-01-281-4/+0
* Use a single, shared TlsContext instanceBjørn Christian Seime2021-01-142-18/+31
* Revert "Use a single reloader per tls config file, and not one per instance."Bjørn Christian Seime2021-01-142-162/+135
* Revert "Use reference counting to avoid relying on GC to drop threads."Bjørn Christian Seime2021-01-142-36/+8
* Support SAN URI based rules in authorization policiesBjørn Christian Seime2020-11-265-3/+55
* Encapsulate pattern implementation in RequiredPeerCredentialBjørn Christian Seime2020-11-253-7/+27
* Revert "Revert "Bjorncs/health check proxy https""Bjørn Christian Seime2020-10-151-0/+27
* Revert "Bjorncs/health check proxy https"Arnstein Ressem2020-10-151-27/+0
* Add trust manager that accepts any server certificateBjørn Christian Seime2020-10-141-0/+27
* Revert "Revert "Expose underlying certificate and private key from SiaIdentit...Bjørn Christian Seime2020-06-021-1/+9
* Revert "Expose underlying certificate and private key from SiaIdentityProvider "Harald Musum2020-05-281-9/+1
* Merge pull request #13257 from vespa-engine/bjorncs/service-identity-provider...Bjørn Christian Seime2020-05-281-1/+9
|\
| * Expose underlying certificate and private key from SiaIdentityProviderBjørn Christian Seime2020-05-181-1/+9
* | Ignore unknown fields in subclasses as wellBjørn Christian Seime2020-05-181-0/+3
|/
* Support construction of PeerPolicy with descriptionBjørn Christian Seime2020-05-133-2/+16
* Use reference counting to avoid relying on GC to drop threads.Henning Baldersheim2020-04-232-8/+36
* Use a single reloader per tls config file, and not one per instance.Henning Baldersheim2020-04-232-135/+162
* Override hostname verification in PeerAuthorizerTrustManagerBjørn Christian Seime2020-02-174-28/+56