1. 14 Jan, 2019 2 commits
  2. 11 Jan, 2019 3 commits
  3. 05 Jan, 2019 3 commits
  4. 03 Jan, 2019 1 commit
    • Josh Braegger's avatar
      Fix getting long serial numbers for openssl < 1.1 · 5b2efc0a
      Josh Braegger authored
      From https://www.ietf.org/rfc/rfc5280.txt
      
      > As noted in Section 4.1.2.2, serial numbers can be expected to
      > contain long integers.  Certificate users MUST be able to handle
      > serialNumber values up to 20 octets in length.  Conforming CAs MUST
      > NOT use serialNumber values longer than 20 octets.
      
      Without this, nghttpx will fatal.
      
          jbraeg$ openssl x509 -in ~/test_certs/client.crt -serial -noout
          serial=E0CFDFC7CEA10DF8AAF715C37FAEB410
      
          jbraeg$ curl -k --key ~/test_certs/client.key --cert ~/test_certs/client.crt https://192.168.98.100:3000/; echo
          curl: (56) Unexpected EOF
      
          ...
          Assertion failed: n == b.size() (shrpx_tls.cc: get_x509_serial: 2051)
          2019-01-03T20:25:21.289Z 1 1 f84316ae NOTICE (shrpx_log.cc:895) Worker process: [9] exited abnormally with status 0x06; exit status 0; signal Aborted(6)
          2019-01-03T20:25:21.290Z 1 1 f84316ae NOTICE (shrpx.cc:4311) Shutdown momentarily
      5b2efc0a
  5. 27 Dec, 2018 1 commit
  6. 26 Dec, 2018 2 commits
  7. 25 Dec, 2018 2 commits
  8. 11 Dec, 2018 1 commit
  9. 09 Dec, 2018 2 commits
  10. 23 Nov, 2018 10 commits
  11. 18 Nov, 2018 1 commit
  12. 15 Nov, 2018 5 commits
  13. 09 Nov, 2018 2 commits
  14. 02 Nov, 2018 5 commits