Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | bugfix: memory leak in imtcp & subsystems under some circumstances | Rainer Gerhards | 2011-06-10 | 1 | -0/+1 |
| | | | | | | | | | This leak is tied to error conditions which lead to incorrect cleanup of some data structures. Note: this is a backport from v6. In v5, we currently do not have the toolchain to verify the original problem and that it is solved. So this patch is preliminary and subject to change as work progresses. | ||||
* | bugfix(important): problem in TLS handling could cause rsyslog to loopv3.22.3 | Rainer Gerhards | 2010-11-24 | 1 | -0/+17 |
| | | | | | | ... in a tight loop, effectively disabling functionality and bearing the risk of unresponsiveness of the whole system. Bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=194 | ||||
* | cleanup of debugging messages (removed no longer needed ones) | Rainer Gerhards | 2008-07-14 | 1 | -2/+0 |
| | |||||
* | fixed invalid state checking inside gtls retry handler | Rainer Gerhards | 2008-06-25 | 1 | -1/+1 |
| | |||||
* | gnu error status must be set after retry operation | Rainer Gerhards | 2008-06-24 | 1 | -0/+2 |
| | | | | ... otherwise, we check an invalid error state. | ||||
* | added support for EGAIN while trying to receive data on gTLS session | Rainer Gerhards | 2008-06-24 | 1 | -1/+21 |
| | | | | | | | | | This maps to bugzilla bug 83: http://bugzilla.adiscon.com/show_bug.cgi?id=83 This is the first test version, posted to user for repro of the problem. It contains code to handle the case, HOWEVER, I have not been able to test it in a scenario where a retry actually happens while receiving (I dont't get this in my environment). So I assume it is buggy and will probably not work. | ||||
* | implemented x509/certvalid "authentication" | Rainer Gerhards | 2008-05-21 | 1 | -1/+1 |
| | |||||
* | changed default GnuTLS key material to more reasonable values | Rainer Gerhards | 2008-05-20 | 1 | -1/+0 |
| | | | | | We now also provide everything to sign with a common CA. NOTE: none of this is for production use! | ||||
* | first implementation of TLS server client authentication check | Rainer Gerhards | 2008-05-19 | 1 | -4/+5 |
| | | | | | | | The TLS server now checks the client fingerprint. This works, but is highly experimental. Needs to be refined for practice. Also: - implemented permittedPeers helper construct to store names - changed omfwd implementation to use new permittedPeers | ||||
* | Merge branch 'master' into ietf-tls | Rainer Gerhards | 2008-05-16 | 1 | -0/+6 |
|\ | |||||
| * | fixed potential uninitialzed var access (highly improbable) | Rainer Gerhards | 2008-05-16 | 1 | -0/+2 |
| | | |||||
| * | bugfix: TLS server went into an endless loop in some situations. | Rainer Gerhards | 2008-05-15 | 1 | -0/+4 |
| | | | | | | | | Thanks to Michael Biebl for reporting the problem. | ||||
* | | client provides x.509 and server prints fingerprint | Rainer Gerhards | 2008-05-15 | 1 | -0/+3 |
|/ | |||||
* | server's X509 cert fingerprint is obtained by client on connect | Rainer Gerhards | 2008-05-08 | 1 | -2/+2 |
| | |||||
* | added a bit of doc (at least something...) | Rainer Gerhards | 2008-05-08 | 1 | -0/+4 |
| | |||||
* | restructured netstrm driver layer | Rainer Gerhards | 2008-04-30 | 1 | -30/+5 |
| | | | | | | | the new structure prevents repetitive loads and unloads of driver files; it also has less overhead The "select" and regular driver are now contained in a single file. | ||||
* | server handshake now works with nonblocking sockets | Rainer Gerhards | 2008-04-30 | 1 | -2/+70 |
| | |||||
* | made gtls server driver work in plain tcp mode | Rainer Gerhards | 2008-04-25 | 1 | -3/+17 |
| | |||||
* | added select() driver for GnuTls | Rainer Gerhards | 2008-04-24 | 1 | -0/+170 |