Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix #1147 : init frag variable before use. #1149

Closed
wants to merge 2,599 commits into from
Closed

fix #1147 : init frag variable before use. #1149

wants to merge 2,599 commits into from

Conversation

vankoven
Copy link
Contributor

No description provided.

krizhanovsky and others added 30 commits July 6, 2018 22:13
@krizhanovsky
Unification w/ linux/crypto, mbedTLS's symmetric crypto was removed.
e5e8371 
However, linux asymmetric and elliptic crypto seems incomplete, so I leave
the old RSA and ECDH for now. Also note that generally speaking cipher.[ch]
and md.[ch] wrappers are for elimination in future - now they just link
bunch of mbedTLS code w/ linux/crypto.
@aleksostapenko
Fix #1033: Change header name format in HTTP tables configuration (#1033
d206e6f 
).
@krizhanovsky
Multiple cleanups and fixes; Call TLS encryption for min(cwnd,rwnd)
4dfdd09
@aleksostapenko
Correction processing of wildcard '*' argument (#1033).
93b2a52
@krizhanovsky
Send TLS handshake messages in one data chunk, probably in one skb an…
20976f3 
…d even TCP segment;

Multiple handshakes FSM fixes.
@aleksostapenko
Fix #772: Change keepalive and Frang client_body timeouts implementat…
727c681 
…ion.
@aleksostapenko
Fix bug in 'http_field_len' verification in case of duplicated headers.
8930102
@aleksostapenko
Changes according review comments (#1033).
e29d8cc
@aleksostapenko
Correct matching of multiple headers in 'match_hdr_raw()' (#1033).
0bfd5ea
@aleksostapenko
Merge pull request #1036 from tempesta-tech/ao-1033
88252a4 
Fix #1033: Change header name format in HTTP tables configuration.
@aleksostapenko
Merge pull request #1039 from tempesta-tech/ao-772
2c88221 
 Fix #772: Change 'keepalive' and 'client_body' timeouts applying.
@krizhanovsky
Fix TLS record headers writting in multi-record data transfers
134d5a6
@krizhanovsky
1. [FIX] Place server certificate in the same page as read file data.
7807f9f 
   The page is used later as skb page fragment in TLS handshake.
2. Cleanups in PEM decoder.
3. Remove DHM routines called only for FS IO (unused).
4. Revert DTLS routines (dirty code) as it's supposed to used them for QUIC.
@krizhanovsky
Small TLS Handshakes FSM fixes
613497c
@aleksostapenko
Fix #535: Block clients which requests have no session cookie.
ac32d62
@aleksostapenko
Fix #900: Change some comments and add unit tests.
bfc5e90
@aleksostapenko
Additional comment added (#900).
1086abb
@krizhanovsky
Cleanups. Completely remove DTLS as QUIC uses TLS 1.3.
eb03fd6
@aleksostapenko
Merge pull request #1051 from tempesta-tech/ao-900
0801674 
Fix #900: Change some comments and add unit tests.
@vankoven
Fix misspells
d147160
@vankoven
gfsm: don't return PASS if at least one fsm waits for more data
34b21b7
@vankoven
restore current fsm state after after calling registered hooks
86676b5
@vankoven
add current gfsm state debug function
b44561d
@krizhanovsky
1. Multiple fixes in TLS handshake FSM;
cecbc99 
2. Make GFSM traverse skb list and call a FSM for each skb. TLS layer
   must collect skbs before decryption to have AEAD tag, so it sends
   list of decrypted skbs to HTTP layer by GFSM call. However, HTTP
   manages skb list on it's own.
3. Make ttls_decrypt() to work with plain buffers as well as fragmented
   skbs;
4. Some cleanups.
@krizhanovsky
Add links to stable release
864c969
@aleksostapenko
Additional changes according review comments (#535).
aef34eb
@aleksostapenko
Changes in config man (#535).
1c80e93
@krizhanovsky
Make irq_fpu_usable() return true for Tempesta softirqs so that
f40fa64 
SIMD crypto algorithms won't be called through cryptd.
Some cleanups.
@vankoven
gfsm: fix incorrect fsm hook call
a6a492c 
tfw_gfsm_switch() can be called multiple times during tfw_gfsm_move()
call. After each tfw_gfsm_switch() call current FSM is switched
to FSM stated in fsm_hooks. Thus FSM(st) actually points on
child FSM state, not parent one.
@aleksostapenko
Place redir mark after authority during redirection (#535).
9ddd07c
i-rinat
i-rinat reviewed Jan 15, 2019
View reviewed changes
tempesta_fw/msg.c Outdated Show resolved Hide resolved
i-rinat and others added 3 commits January 16, 2019 23:05
@i-rinat
recreate Content-Type request header for multipart/form-data requests
b55524e
@i-rinat
Merge pull request #1139 from tempesta-tech/ri-post-hdr-sanitize
4d9662f 
Sanitize Content-Type for multipart/form-data requests
@i-rinat
follow-up changes (see #1139)
754bf18 
* req->vhost is expected to be non-NULL, as it was checked before;
* disallow multiple instances of http_post_validate at topmost level;
* a typo.
krizhanovsky
krizhanovsky requested changes Jan 18, 2019
View reviewed changes
Copy link
Contributor

@krizhanovsky krizhanovsky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch and the bug may introduce very nasty crashes and stranges in behaviour, so please merge it ASAP.

Generally agree with @i-rinat on comments except that @frag is checked from NULL at the begin of TFW_STR_FOR_EACH_CHUNK() loop, so it's still needed to initialize frag before first entry to the loop. Also frag assignment in the else branch is required for the check after jumping to this_chunk.

@i-rinat
Copy link
Contributor

i-rinat commented Jan 18, 2019

except that frag is checked from NULL at the begin of TFW_STR_FOR_EACH_CHUNK() loop, so it's still needed to initialize frag before first entry to the loop.

That check looks like a remainder from the older code. The current version tests whenever frag is NULL, but then before it's used, frag is changed again anyway.

i-rinat and others added 5 commits January 18, 2019 22:05
@i-rinat
Merge pull request #1154 from tempesta-tech/ri-pr1139-fixups
3ccc7f4 
follow-up changes (see #1139)
@avbelov23
replace void ptr by union
c457b18
@avbelov23
Merge pull request #1150 from tempesta-tech/ab-str
3d6f8d4 
Replace void ptr by union
@vankoven
fix #1147 : init frag variable before use.
a53a09d
@vankoven
Keep arguments of ss_skb_frag_next syncronized
a6cf66d 
The function receives TfwMsgIter as argumrnt (as the arguments actually),
The 'skb' and 'f' point to specific fragment of the skb. If the condition
is false, then TfwMsgIter->skb and TfwMsgIter->frag may point to
unexisting skb fragment.
@vankoven vankoven force-pushed the ik-fix-uninited-var branch 2 times, most recently from 2121aa5 to f174be8 Compare January 24, 2019 11:32
i-rinat
i-rinat reviewed Jan 25, 2019
View reviewed changes
tempesta_fw/msg.c Outdated Show resolved Hide resolved
i-rinat
i-rinat approved these changes Jan 25, 2019
View reviewed changes
Copy link
Contributor

@i-rinat i-rinat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@vankoven vankoven mentioned this pull request Jan 28, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@i-rinat i-rinat i-rinat approved these changes

@krizhanovsky krizhanovsky Awaiting requested review from krizhanovsky

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@vankoven @i-rinat @krizhanovsky @aleksostapenko @craig @vladtcvs @avbelov23