index
:
vespa
6
7
andreer/permanent-enclave-flag
aressem/test-dummy
aressem/test-pr-bk
aressem/test-pr-build-3
aressem/test-valgrind
arnej/add-feature-flag
arnej/cosmetic-message-fix
arnej/golang-slime-port-1
arnej/remove-convert-in-calculator
arnej/use-our-shell-quote
arnej/wip-sand-fixups
balder/apply-termwise-filters-on-match-phase-2
balder/cpu-specific-compiles-for-bit-operations
balder/deinline
balder/enable-std-stding-as-default
balder/hosted-always-convert-percentages-in-config-model
balder/no-longer-need-commit-and-wait
balder/prepare-for-hw-specialized-hamming-distance
balder/prepare-for-string_view-1
balder/thread-local-jetty-bytebuffer-pool
balder/update-defaults-for-use-xxx-fetch-postings
balder/zncurve
bjormel/aws-main-controller
bjormel/aws-main-controller-take2
bratseth/grouping-trace
bratseth/linguistics-context-rebased
bratseth/more-exclusive-take-2
bratseth/stem-prefixes
bratseth/streamed-fill
hakonhall/enumerate-all-prod-regions
hakonhall/fix-remembertoupdatesystemflagsdataarchive-javadoc
havardpe/enable-nested-ctf-meta-data
havardpe/extract-default-query-feature-values
havardpe/protoc-gen-csi
interns/languageserver
interns/magnus/symbols
jdk21-preparations
jonmv/allow-private-endpoints-in-dev-perf
jonmv/dependency-inversion-for-mbus-config
jvenstad/utils
kkraune/ci-warning
ldalves/querybuilder
leandroalves/prod-controller
lesters/bert-testing
lesters/external-llms
lesters/stateless-onnx-eval-once
master
mortent/calypso
mortent/new-public-cd-endpoint
mpolden/update-abi
olaa/delete-flags
olaa/otel-config-model
renovate/junit5-monorepo
renovate/major-protobuf.vespa.version
renovate/maven-shade-plugin.vespa.version
renovate/plexus-archiver.vespa.version
revert-26576-revert-26567-bjorncs/cloud-app-validation
revert-26584-revert-26578-bjorncs/tlsv13
revert-27857-bjorncs/tls13
revert-28660-revert-28656-hmusum/fix-onnx-model-cost
revert-30559-toregge/require-vespa-build-dependencies-for-vespa-devel
toregge/port-to-appleclang
vekterli/change-test-and-set-update-not-found-semantics
yngveaasheim/skeleton-for-component-in-metrics-enum
An engine for low-latency computation over large data sets
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
security-utils
/
src
/
main
Commit message (
Expand
)
Author
Age
Files
Lines
*
Move logic for capability checking/logging to ConnectionAuthContext
Bjørn Christian Seime
2022-07-21
3
-9
/
+63
*
Use getSubjectCommonName()
Bjørn Christian Seime
2022-07-21
1
-7
/
+1
*
Get ConnectionAuthContext from SSL session after handshake is complete
Bjørn Christian Seime
2022-07-21
3
-28
/
+67
*
Include client certificate chain even when authorization is disabled
Bjørn Christian Seime
2022-07-20
3
-4
/
+11
*
Implement RequireCapabilitiesFilter in jrt + misc
Bjørn Christian Seime
2022-07-20
3
-8
/
+9
*
Add to-string helper to ConnectionAuthContext
Bjørn Christian Seime
2022-07-20
1
-1
/
+38
*
Simplify type definition for subject alternative names
Bjørn Christian Seime
2022-07-20
4
-17
/
+17
*
Add 'X509CertificateUtils.getSubjectCommonName()'
Bjørn Christian Seime
2022-07-20
1
-1
/
+7
*
Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s'
Bjørn Christian Seime
2022-07-20
9
-20
/
+10
*
Merge Java package 'c.y.s.tls.{auth,json,policy}' into 'c.y.s.tls'
Bjørn Christian Seime
2022-07-20
19
-66
/
+20
*
Remove empty package
Bjørn Christian Seime
2022-07-20
1
-8
/
+0
*
Add 'CapabilitySet.has()' methods
Bjørn Christian Seime
2022-07-20
1
-0
/
+3
*
Add environment variable for capabilities enforcement mode
Bjørn Christian Seime
2022-07-20
2
-0
/
+33
*
Rename method/variable names to match new class name
Bjørn Christian Seime
2022-07-19
1
-1
/
+1
*
Include mode in log message
Bjørn Christian Seime
2022-07-15
1
-3
/
+4
*
Rename 'toCapabilityNames()' to 'toNames()'
Bjørn Christian Seime
2022-07-15
2
-2
/
+2
*
Always run PeerAutorizer
Bjørn Christian Seime
2022-07-15
9
-45
/
+44
*
Rename 'hasAllCapabilities()' => 'hasAll()'
Bjørn Christian Seime
2022-07-15
2
-2
/
+2
*
Change type from SortedSet to Set
Bjørn Christian Seime
2022-07-15
2
-7
/
+4
*
Rename 'succeeded' => 'authorized'
Bjørn Christian Seime
2022-07-15
2
-2
/
+2
*
Include full certificate chain in auth context
Bjørn Christian Seime
2022-07-15
3
-15
/
+26
*
Return granted capabilities from PeerAuthorizer
Bjørn Christian Seime
2022-07-15
5
-53
/
+46
*
Add Capability and CapabilitySet including JSON serialization
Bjørn Christian Seime
2022-07-13
5
-4
/
+147
*
Convert POJOs to record
Bjørn Christian Seime
2022-07-13
2
-79
/
+9
*
Remove 'role' concept from 'authorized-peers'
Bjørn Christian Seime
2022-07-11
6
-86
/
+9
*
Add NTokenGenerator
Håkon Hallingstad
2022-03-16
1
-0
/
+8
*
Disable '?' as single char wildcard for URI matching
Bjørn Christian Seime
2021-12-09
3
-6
/
+6
*
Support glob pattern for URIs with '/' as boundary
Bjørn Christian Seime
2021-12-02
2
-15
/
+11
*
Add glob pattern helper that handles multiple alternative boundaries
Bjørn Christian Seime
2021-12-02
2
-35
/
+89
*
Disable ciphers that are only supported by some JDK-11 versions
Bjørn Christian Seime
2021-11-09
1
-4
/
+5
*
Update 2020 Oath copyrights.
gjoranv
2021-10-27
1
-1
/
+1
*
Update 2019 Oath copyrights.
gjoranv
2021-10-27
9
-9
/
+9
*
Update Verizon Media copyright notices.
gjoranv
2021-10-07
3
-3
/
+3
*
Update 2018 copyright notices.
gjoranv
2021-10-07
38
-38
/
+38
*
Read certificate fingerprint
Morten Tokle
2021-09-22
1
-0
/
+15
*
Revert "Revert mortent/cfg operator cert"
Morten Tokle
2021-05-28
1
-0
/
+17
*
Revert "Add top-level object, simplify tests"
Morten Tokle
2021-05-25
1
-17
/
+0
*
Add top-level object, simplify tests
Morten Tokle
2021-05-25
1
-0
/
+17
*
Remove com.yahoo.vespa.jdk8compat
Bjørn Christian Seime
2021-03-10
11
-96
/
+21
*
Make TLS protocol version configurable in TLS config file
Bjørn Christian Seime
2021-02-24
5
-10
/
+44
*
Disable TLSV1.3
Bjørn Christian Seime
2021-02-24
1
-1
/
+2
*
Allow TLSv1.3
Bjørn Christian Seime
2021-02-18
1
-1
/
+1
*
Use singleton already present.
Henning Baldersheim
2021-01-28
1
-4
/
+0
*
Use a single, shared TlsContext instance
Bjørn Christian Seime
2021-01-14
2
-18
/
+31
*
Revert "Use a single reloader per tls config file, and not one per instance."
Bjørn Christian Seime
2021-01-14
2
-162
/
+135
*
Revert "Use reference counting to avoid relying on GC to drop threads."
Bjørn Christian Seime
2021-01-14
2
-36
/
+8
*
Support SAN URI based rules in authorization policies
Bjørn Christian Seime
2020-11-26
5
-3
/
+55
*
Add convenience method for adding SAN
Bjørn Christian Seime
2020-11-25
1
-0
/
+5
*
Encapsulate pattern implementation in RequiredPeerCredential
Bjørn Christian Seime
2020-11-25
3
-7
/
+27
*
Revert "Revert "Bjorncs/health check proxy https""
Bjørn Christian Seime
2020-10-15
1
-0
/
+27
[next]