aboutsummaryrefslogtreecommitdiffstats
path: root/security-utils/src/main/java/com/yahoo/security/tls
Commit message (Expand)AuthorAgeFilesLines
* Enable TLSv1.3 for Vespa mTLSBjørn Christian Seime2023-07-201-10/+7
* Short-cut re-acquiring ordered locksjonmv2023-06-271-10/+4
* Revert "Enable TLSv1.3 for Vespa mTLS"Henning Baldersheim2023-03-251-7/+10
* Enable TLSv1.3 for Vespa mTLSBjørn Christian Seime2023-03-241-10/+7
* Merge pull request #26168 from vespa-engine/revert-26152-revert-26139-vekterl...Tor Brede Vekterli2023-02-242-2/+4
|\
| * Revert "Revert "Add `vespa.content.state_api` capability" MERGEOK"Tor Brede Vekterli2023-02-232-2/+4
* | Revert "Revert "Store original capability (set) names from JSON config in Pee...Bjørn Christian Seime2023-02-235-20/+69
|/
* Merge pull request #26153 from vespa-engine/revert-26145-bjorncs/capabilitiesBjørn Christian Seime2023-02-235-69/+20
|\
| * Revert "Store original capability (set) names from JSON config in PeerPolicy"Bjørn Christian Seime2023-02-235-69/+20
* | Revert "Add `vespa.content.state_api` capability"Bjørn Christian Seime2023-02-232-4/+2
|/
* Merge pull request #26139 from vespa-engine/vekterli/add-content-state-api-ca...Tor Brede Vekterli2023-02-222-2/+4
|\
| * Add `vespa.content.state_api` capability to JavaTor Brede Vekterli2023-02-222-2/+4
* | Store original capability (set) names from JSON config in PeerPolicyBjørn Christian Seime2023-02-225-20/+69
|/
* Grant container nodes access to container document apiBjørn Christian Seime2023-02-201-1/+2
* Specify that '/logs' requires logserver capabilityBjørn Christian Seime2023-02-171-1/+2
* Warn instead of fail for unknown capability (set)Bjørn Christian Seime2023-02-172-9/+10
* Improve metric names, fix wiringBjørn Christian Seime2023-02-161-9/+9
* Add capability 'vespa.sentinel.inspect_services'Bjørn Christian Seime2023-02-161-0/+1
* Add metrics for capability checksBjørn Christian Seime2023-02-162-0/+39
* Add capability 'vespa.content.proton_admin_api'Bjørn Christian Seime2023-02-151-0/+1
* Add slobrok capability to all application nodesBjørn Christian Seime2023-02-151-2/+2
* Add new capabilities to existing capability setsBjørn Christian Seime2023-02-151-6/+10
* Require capabilities for built-in request handlersBjørn Christian Seime2023-02-141-0/+4
* Revert "Revert "Bjorncs/capabilities""Henning Baldersheim2023-02-142-14/+28
* Revert "Bjorncs/capabilities"Henning Baldersheim2023-02-142-28/+14
* Add new capabilities in node specific capability setsBjørn Christian Seime2023-02-132-8/+22
* Rename 'from()' to 'of()'Bjørn Christian Seime2023-02-132-6/+6
* Define required capabilities for existing JRT RPC methodsBjørn Christian Seime2023-02-091-0/+12
* Introduce capbilities for unclassified APIsBjørn Christian Seime2023-02-091-0/+3
* Move definition of predefined capability set to parent classBjørn Christian Seime2023-02-093-29/+45
* Add 'vespa.none' capabilityBjørn Christian Seime2023-02-061-0/+1
* Unify on Streams.toListHenning Baldersheim2023-01-172-4/+2
* Ensure that HTTPS clients only use allowed ciphers and protocol versionsBjørn Christian Seime2023-01-091-1/+22
* Revert "Ensure that HTTPS clients only use allowed ciphers and protocol versi...Andreas Eriksen2023-01-061-22/+1
* Ensure that HTTPS clients only use allowed ciphers and protocol versionsBjørn Christian Seime2023-01-061-1/+22
* Ignore calls to SystemTlsContext.close()Bjørn Christian Seime2022-08-301-2/+1
* Force caller to handle failed capability verification checkBjørn Christian Seime2022-07-212-14/+28
* Improve error messageBjørn Christian Seime2022-07-211-1/+1
* Move logic for capability checking/logging to ConnectionAuthContextBjørn Christian Seime2022-07-213-9/+63
* Use getSubjectCommonName()Bjørn Christian Seime2022-07-211-7/+1
* Get ConnectionAuthContext from SSL session after handshake is completeBjørn Christian Seime2022-07-213-28/+67
* Include client certificate chain even when authorization is disabledBjørn Christian Seime2022-07-203-4/+11
* Implement RequireCapabilitiesFilter in jrt + miscBjørn Christian Seime2022-07-203-8/+9
* Add to-string helper to ConnectionAuthContextBjørn Christian Seime2022-07-201-1/+38
* Simplify type definition for subject alternative namesBjørn Christian Seime2022-07-201-4/+4
* Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s'Bjørn Christian Seime2022-07-208-482/+3
* Merge Java package 'c.y.s.tls.{auth,json,policy}' into 'c.y.s.tls'Bjørn Christian Seime2022-07-2019-66/+20
* Remove empty packageBjørn Christian Seime2022-07-201-8/+0
* Add 'CapabilitySet.has()' methodsBjørn Christian Seime2022-07-201-0/+3
* Add environment variable for capabilities enforcement modeBjørn Christian Seime2022-07-202-0/+33