1. 13 Oct, 2023 13 commits
  2. 12 Oct, 2023 3 commits
  3. 11 Oct, 2023 2 commits
  4. 10 Oct, 2023 6 commits
  5. 09 Oct, 2023 3 commits
  6. 06 Oct, 2023 4 commits
  7. 05 Oct, 2023 4 commits
  8. 04 Oct, 2023 4 commits
    • Jérome Perrin's avatar
      component/git: version up 2.42.0 · e5892c7a
      Jérome Perrin authored
      e5892c7a
    • Jérome Perrin's avatar
    • Łukasz Nowak's avatar
      rapid-cdn: Handle correctly wildcard domains · a039c8cf
      Łukasz Nowak authored
      While generating haproxy configuration (including it's CRT list) the specific
      order of entries is used, so that wildcard domains end up last. Thanks to this
      they work as a catch-all and allow specific domain to take precedence. Care
      is taken to support *.example.example.com and *.example.com situation - so
      tree like possibility of wildcards.
      
      Anonymous in-place ACL are used per each domain, instead of per-shared
      instance grouping in order to avoid situation like *.example.com and
      example.com having single ACL, thus resulting with catch-all kicking in too
      fast.
      
      For the precision in the haproxy configuration and simplifcation of the regular
      expressions the -m reg is used, so that host_only can be applied, which also
      lowercases the hostname.
      
      Notes:
       * test00cluster_request_instance_parameter_dict changed due to sorting slaves
         in test's requestSlaves
       * the test infrastructure has been improved to assure repetition of the
         situation
       * tests in TestSlaveHostHaproxyClash are asserting that correct domain AND
         that specific certificate have been used while serving given frontend
         configuration
      a039c8cf
    • Joanne Hugé's avatar
  9. 02 Oct, 2023 1 commit
    • Jérome Perrin's avatar
      component/ca-certificates: version up 20230311 · 5f05b413
      Jérome Perrin authored
      A similar patches as ca-certificates-sbin-dir was
      applied upstream as 4f0d3ec7aa4ebc91793245ed66c0e24d7150782b , the rest
      of our patch was to use mkdir -p instead of mkdir, we keep this part in
      ca-certificates-mkdir-p.patch
      
      This introduces a new patch to not depend on cryptography, which is used
      only to print a warning on the console when an expired certificate is
      used.
      5f05b413