| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
Use amqp_cstring_bytes to construct string instead of doing it manually
as this is error-prone.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
According to "https://www.openssl.org/docs/manmaster/ssl/SSL_get_verify_result.html",
to verify SSL connection result, SSL_get_verify_result() needs to be
called with SSL_get_peer_certificate(). In default mode, which
verify_peer and verify_hostname are activated, then there is no problem
because in verify_hostname, the existence of certificate is confirmed.
However, it is possible that the user want to verify_peer,
but not verify_host. In such case, it is not working as they wanted.
Because with invalid certificate, the attacker can bypass certificate validity check.
|
|
|
|
| |
Issue surfaced by clang static-analyzer v3.5.
|
|
|
|
|
| |
Use amqp_hostcheck instead of strcasecmp, and pass in the correct arguments in
the right order in both SAN and CN codepaths.
|
|
|
|
|
|
|
| |
Use vetted hostname validation code which should fix some of the issues with
memory leaks from incorrect use of the OpenSSL API.
Fixes #325
|
|
|
|
| |
Use enum to specify values returned from amqp_hostcheck.
|
|
|
|
|
|
| |
Use vetted code from https://wiki.openssl.org/index.php/Hostname_validation and
https://github.com/iSECPartners/ssl-conservatory to do hostname validation of
SSL certs when using OpenSSL.
|
|
|
|
| |
Also add some documentation of what the function does.
|
| |
|
|
|
|
|
|
|
|
| |
The cert object should be X509_free'd after use, it leaks otherwise.
Thanks Volker Schreiner for reporting this.
Fixes #323
|
|
|
|
|
|
|
|
|
|
| |
These are usually found in librt. On some systems clock_gettime is also
in librt so checking for it was implicitly satisfying the requirement
for the posix_spawn functions. On newer systems (glibc >2.17 for
example) clock_gettime is also found in libc so AC_SEARCH_LIBS() decides
that it is not necessary to add -lrt to LIBS.
Add an explicit check for posix_spawnp() to decide if -lrt is necessary.
|
|
|
|
|
|
|
| |
amqp_parse_url() calls amqp_default_connection_info() to initialize the output
parameter to sensible defaults that mirror what the Java and .NET do.
Fixes #319
|
|
|
|
|
| |
The current check was not clear in terms of readability, additionally it
confused scan-build.
|
|
|
|
|
| |
amqp_pool_alloc will leak if the initial alloc succeeds, but the alloc for the
block-list fails. This fixes that.
|
| |
|
|
|
|
|
| |
Add amqp_ssl_socket_versions function which allows a user to specify the
acceptable range of TLS versions they want to connect to the broker with.
|
|
|
|
|
| |
SSLv2 and SSLv3 are outdated, and contain serious security vulnerabilities.
Disable these outdated protocols so they cannot be used.
|
|
|
|
|
|
|
|
| |
If a heartbeat timeout occurs skip calling SSL_shutdown as it involves doing a
send() which will likely hang. Additionally don't wait for a response when doing
an SSL_shutdown, as the underlying transport will not be reused.
Fixes #313
|
|
|
|
| |
condition always false (forgotten parenthesis)
|
|
|
|
| |
Fixes #293
|
|
|
|
|
| |
Don't initialize local variable last_error because it is immediately assigned to
and value is not used.
|
| |
|
| |
|
|
|
|
|
| |
Removed superfluous and suspicious cast in amqp_simple_rpc() call. 'replies' is
already a amqp_method_number_t*
|
|
|
|
| |
Use logical-or instead of bitwise-or in preprocessor conditional.
|
|
|
|
| |
Fixes #295
|
|
|
|
|
|
|
|
| |
Add amqp_ssl_socket_set_verify_peer which controls peer certificate validation,
and amqp_ssl_socket_set_verify_hostname which controls hostname validation in
the certificate. Additionally this deprecates amqp_ssl_socket_set_verify.
Fixes #180, #279, #303
|
|
|
|
|
|
|
|
|
|
|
| |
When doing a nonblocking connect() on win32, select() reports failure using
exceptfds instead of writefds. Allow this narrow case when doing a non-blocking
connect on Win32.
See:
https://msdn.microsoft.com/en-us/library/windows/desktop/ms740141(v=vs.85).aspx
Fixes #297
|
|
|
|
| |
Be consistent through the whole file.
|
|
|
|
|
| |
gnutls, polarssl, and cyassl SSL backends are not maintained, and likely quite
broken, remove them.
|
| |
|
|
|
|
|
| |
astyle was used previously to format the code, rabbitmq-c is standarizing on
clang-format for code-styling needs.
|
|
|
|
| |
The build-system is not tested and very much out of date. Remove this dead code.
|
| |
|
| |
|
|
|
|
| |
-Wstrict-prototypes -Wno-unused-function have some use, leave them in.
|
|
|
|
|
|
|
|
|
|
|
| |
-pedantic combined with -std=* causes excessive warnings about things like
long long not being portable, which while true in a global sense isn't the case
for the target platforms.
-Wcast-align given we don't care about saving every single byte possible,
warnings about casts causing the compiler to realign something isn't helpful.
Fixes #291
|
|
|
|
| |
See: http://docs.travis-ci.com/user/migrating-from-legacy/
|
| |
|
|
|
|
| |
<netinet/in.h> for IPPROTO_TCP definition.
|
| |
|
| |
|
|
|
|
| |
These are not the same constants, rabbitmq-c fails on Win32 as a result.
|
| |
|
| |
|
| |
|