summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* CI: ignore output of brew update in travis build.quiet_brewAlan Antonuk2015-11-291-1/+2
|
* Lib: use amqp_cstring_bytes to construct stringAlan Antonuk2015-11-291-4/+2
| | | | | Use amqp_cstring_bytes to construct string instead of doing it manually as this is error-prone.
* Lib: memset based on size of argument.Alan Antonuk2015-11-281-5/+5
|
* CI: limit clone depth on appveyorAlan Antonuk2015-11-271-0/+3
|
* CI: Enable OpenSSL for appveyor builds.Alan Antonuk2015-11-271-1/+7
|
* Lib: correctly check SSL connectionInsu Yun2015-11-271-0/+10
| | | | | | | | | | | According to "https://www.openssl.org/docs/manmaster/ssl/SSL_get_verify_result.html", to verify SSL connection result, SSL_get_verify_result() needs to be called with SSL_get_peer_certificate(). In default mode, which verify_peer and verify_hostname are activated, then there is no problem because in verify_hostname, the existence of certificate is confirmed. However, it is possible that the user want to verify_peer, but not verify_host. In such case, it is not working as they wanted. Because with invalid certificate, the attacker can bypass certificate validity check.
* Lib: don't pass NULL to memcpy in amqp_table.cscan-build-fixesAlan Antonuk2015-11-101-5/+13
| | | | Issue surfaced by clang static-analyzer v3.5.
* Lib: use amqp_hostcheck correctlyAlan Antonuk2015-11-101-2/+2
| | | | | Use amqp_hostcheck instead of strcasecmp, and pass in the correct arguments in the right order in both SAN and CN codepaths.
* Lib: use vetted hostname validation algorithmssl_leakAlan Antonuk2015-11-081-91/+5
| | | | | | | Use vetted hostname validation code which should fix some of the issues with memory leaks from incorrect use of the OpenSSL API. Fixes #325
* Lib: clarify return value of amqp_hostcheckAlan Antonuk2015-11-082-17/+22
| | | | Use enum to specify values returned from amqp_hostcheck.
* Lib: Add robust OpenSSL hostname validation.Alan Antonuk2015-11-084-1/+231
| | | | | | Use vetted code from https://wiki.openssl.org/index.php/Hostname_validation and https://github.com/iSECPartners/ssl-conservatory to do hostname validation of SSL certs when using OpenSSL.
* Lib: remove useless #includes in amqp_hostcheck.*Alan Antonuk2015-11-082-5/+13
| | | | Also add some documentation of what the function does.
* Lib: add braces in if statements lacking them.Alan Antonuk2015-10-271-4/+8
|
* Lib: fix leak in amqp_ssl_socket_verify_hostnameopenssl_leaksAlan Antonuk2015-10-261-0/+4
| | | | | | | | The cert object should be X509_free'd after use, it leaks otherwise. Thanks Volker Schreiner for reporting this. Fixes #323
* build: Add check for posix_spawn functionsChris Packham2015-10-262-1/+3
| | | | | | | | | | These are usually found in librt. On some systems clock_gettime is also in librt so checking for it was implicitly satisfying the requirement for the posix_spawn functions. On newer systems (glibc >2.17 for example) clock_gettime is also found in libc so AC_SEARCH_LIBS() decides that it is not necessary to add -lrt to LIBS. Add an explicit check for posix_spawnp() to decide if -lrt is necessary.
* Lib: amqp_parse_url should initialize outputAlan Antonuk2015-10-243-1/+6
| | | | | | | amqp_parse_url() calls amqp_default_connection_info() to initialize the output parameter to sensible defaults that mirror what the Java and .NET do. Fixes #319
* Lib: clarify error check in amqp_login_innerAlan Antonuk2015-10-241-1/+1
| | | | | The current check was not clear in terms of readability, additionally it confused scan-build.
* Lib: fix potential leak in mem_pool implAlan Antonuk2015-10-241-0/+1
| | | | | amqp_pool_alloc will leak if the initial alloc succeeds, but the alloc for the block-list fails. This fixes that.
* Fix compiler warnings of visual studioCodeJuan2015-10-231-1/+1
|
* Lib: add amqp_ssl_socket_set_versions fnAlan Antonuk2015-10-224-2/+95
| | | | | Add amqp_ssl_socket_versions function which allows a user to specify the acceptable range of TLS versions they want to connect to the broker with.
* Lib: disable SSLv2 and SSLv3.Alan Antonuk2015-10-221-0/+2
| | | | | SSLv2 and SSLv3 are outdated, and contain serious security vulnerabilities. Disable these outdated protocols so they cannot be used.
* Lib: don't try hard when closing SSL socketsAlan Antonuk2015-10-224-28/+20
| | | | | | | | If a heartbeat timeout occurs skip calling SSL_shutdown as it involves doing a send() which will likely hang. Additionally don't wait for a response when doing an SSL_shutdown, as the underlying transport will not be reused. Fixes #313
* Fix for commit ba7c342a55e200d1f72b30d74df1591b0f72de49 making assertHugo Lefebvre2015-10-211-1/+1
| | | | condition always false (forgotten parenthesis)
* CMake: Set CMP0042 to use NEW policy.Alan Antonuk2015-10-191-0/+5
| | | | Fixes #293
* Lib: remove pointless initialization of last_errorIvan Skytte Jørgensen2015-10-191-1/+1
| | | | | Don't initialize local variable last_error because it is immediately assigned to and value is not used.
* Lib: Removed unused include <assert.h>pr314Ivan Skytte Jørgensen2015-10-182-2/+0
|
* Lib: remove unused macro RPC_REPLY.Ivan Skytte Jørgensen2015-10-181-5/+0
|
* Lib: fix incorrect cast in amqp_login_inner()Ivan Skytte Jørgensen2015-10-181-1/+1
| | | | | Removed superfluous and suspicious cast in amqp_simple_rpc() call. 'replies' is already a amqp_method_number_t*
* Lib: fix incorrect preprocessor conditionalIvan Skytte Jørgensen2015-10-181-1/+1
| | | | Use logical-or instead of bitwise-or in preprocessor conditional.
* CI: install libpopt library in osx travis build.Alan Antonuk2015-10-151-0/+7
| | | | Fixes #295
* Lib: separate peer & hostname SSL cert validationAlan Antonuk2015-10-152-11/+65
| | | | | | | | Add amqp_ssl_socket_set_verify_peer which controls peer certificate validation, and amqp_ssl_socket_set_verify_hostname which controls hostname validation in the certificate. Additionally this deprecates amqp_ssl_socket_set_verify. Fixes #180, #279, #303
* Win32: check exceptfds in select when connectingwin32_selectAlan Antonuk2015-10-132-9/+25
| | | | | | | | | | | When doing a nonblocking connect() on win32, select() reports failure using exceptfds instead of writefds. Allow this narrow case when doing a non-blocking connect on Win32. See: https://msdn.microsoft.com/en-us/library/windows/desktop/ms740141(v=vs.85).aspx Fixes #297
* autoconf: squash tabs in configure.acAlan Antonuk2015-10-131-30/+30
| | | | Be consistent through the whole file.
* Lib: remove unmaintained SSL backendsAlan Antonuk2015-10-138-1151/+20
| | | | | gnutls, polarssl, and cyassl SSL backends are not maintained, and likely quite broken, remove them.
* Other: Remove unused .hgignore file.Alan Antonuk2015-10-131-40/+0
|
* Other: remove .astyle config.Alan Antonuk2015-10-131-4/+0
| | | | | astyle was used previously to format the code, rabbitmq-c is standarizing on clang-format for code-styling needs.
* VMS: remove OpenVMS-related build-system.Alan Antonuk2015-10-137-240/+0
| | | | The build-system is not tested and very much out of date. Remove this dead code.
* Bumping revision for development.Alan Antonuk2015-10-123-7/+7
|
* Preparation for v0.7.1 release.v0.7.1v071-releaseAlan Antonuk2015-10-124-3/+11
|
* ci: reenable mistakenly removed CFLAGSAlan Antonuk2015-08-102-2/+4
| | | | -Wstrict-prototypes -Wno-unused-function have some use, leave them in.
* build: remove -pedantic and -Wcast-align CFLAGS.Alan Antonuk2015-08-102-5/+2
| | | | | | | | | | | -pedantic combined with -std=* causes excessive warnings about things like long long not being portable, which while true in a global sense isn't the case for the target platforms. -Wcast-align given we don't care about saving every single byte possible, warnings about casts causing the compiler to realign something isn't helpful. Fixes #291
* ci: use container-based builds on travis-ci.Alan Antonuk2015-08-101-0/+3
| | | | See: http://docs.travis-ci.com/user/migrating-from-legacy/
* ci: enable building for OSX on travis-ci.Alan Antonuk2015-08-101-6/+8
|
* Build on OpenBSD by including <sys/socket.h> for setsockopt and ↵Devin Smith2015-07-171-0/+2
| | | | <netinet/in.h> for IPPROTO_TCP definition.
* If channel_max is 0, use server's channel_maxCarl Hörberg2015-07-152-3/+8
|
* Switch travis config to use container based-builders.Alan Antonuk2015-07-091-11/+4
|
* Use WSAEWOULDBLOCK instead of EWOULDBLOCK on Win32win32_wouldblockAlan Antonuk2015-07-071-1/+14
| | | | These are not the same constants, rabbitmq-c fails on Win32 as a result.
* Add missing files to Makefile.ammissing_filesAlan Antonuk2015-06-301-1/+6
|
* Bumping version for development.Alan Antonuk2015-06-163-5/+5
|
* Preparation for v0.7.0 release.v0.7.0Alan Antonuk2015-06-164-9/+31
|
View Lorry Controller Status