Skip to content

Release 1.9.0 #224

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Nov 12, 2025
Merged

Release 1.9.0 #224

merged 7 commits into from
Nov 12, 2025

Conversation

@themilchenko
Copy link
Contributor

@themilchenko themilchenko commented Nov 11, 2025
edited
Loading

The release introduces a new ssl_verify_client option and changes default behavior with provided ca_file param. Also a few bugs were fixed.

Added

Fixed

@themilchenko themilchenko force-pushed the themilchenko/fix-undefinded-sslsocket branch 5 times, most recently from f9f2461 to 2b520fc Compare November 11, 2025 17:49
@themilchenko themilchenko changed the title Themilchenko/fix undefinded sslsocket Release 1.9.0 Nov 11, 2025
@themilchenko themilchenko force-pushed the themilchenko/fix-undefinded-sslsocket branch 3 times, most recently from 198f259 to ce9b9e9 Compare November 11, 2025 19:00
@themilchenko
api: support ssl_verify_client option
542823d 
This patch allows to set a new `ssl_verify_client` option. It uses in
pair with `ssl_ca_file` option and needs for client validation. It could
have following values:

* `off` (default one) means that no client's certs will be verified;
* `on` means that server will verify client's certs;
* `optional` means that server will verify client's certs only if it exist.

This set of options was was built on top of the NGINX API
(https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_verify_client).

In effect, this option forces the server to work with mutual TLS.

Part of #207
@themilchenko
roles: support ssl_verify_client option
b4ad81d 
Since http server supports a new `ssl_verify_client` option it is
necessary to support it in role api as well.

This patch introduces a new config parameter in httpd role with the same
`ssl_verify_client` name.

Closes #207
@themilchenko themilchenko force-pushed the themilchenko/fix-undefinded-sslsocket branch 6 times, most recently from 4282833 to a05d560 Compare November 11, 2025 20:11
@themilchenko themilchenko marked this pull request as ready for review November 11, 2025 20:16
@themilchenko themilchenko self-assigned this Nov 11, 2025
@themilchenko themilchenko force-pushed the themilchenko/fix-undefinded-sslsocket branch 2 times, most recently from f7f222f to b44635d Compare November 12, 2025 07:08
DifferentialOrange
DifferentialOrange reviewed Nov 12, 2025
View reviewed changes
@themilchenko themilchenko force-pushed the themilchenko/fix-undefinded-sslsocket branch from b44635d to 7315fd5 Compare November 12, 2025 07:13
DifferentialOrange
DifferentialOrange approved these changes Nov 12, 2025
View reviewed changes
@themilchenko themilchenko force-pushed the themilchenko/fix-undefinded-sslsocket branch from 7315fd5 to 58a6d7b Compare November 12, 2025 07:27
@themilchenko themilchenko force-pushed the themilchenko/fix-undefinded-sslsocket branch from 58a6d7b to 00b9526 Compare November 12, 2025 07:29
@themilchenko themilchenko merged commit 9b73cab into master Nov 12, 2025
35 checks passed
@themilchenko themilchenko deleted the themilchenko/fix-undefinded-sslsocket branch November 12, 2025 07:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DifferentialOrange DifferentialOrange DifferentialOrange approved these changes

Assignees

@themilchenko themilchenko

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@themilchenko @DifferentialOrange