New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security1 #216
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…laces where it might have gone wrong. Also start adding a decoding depth limit.
locka99
added a commit
that referenced
this pull request
Jun 10, 2022
thedanielhanke
added a commit
to re-gmbh/opcua
that referenced
this pull request
Jun 28, 2022
* mainline/master: (116 commits) Simplify some functions by implementing From trait. Move more async code into session state Give slightly better panic message Fix compiler warning Cleanup import Work in progress Add a default impl for CertificateValidation Allow certificates to look up IP addresses from computer name when generated. Sample key pair set to do this. Add some troubleshooting notes when using demo server for testing Fix unused var warning Add a depth test for decoding nested variants Security1 (locka99#216) Revert "Security1 (locka99#216)" Security1 (locka99#216) Bump regex from 1.5.4 to 1.5.5 (locka99#215) Bump openssl-src from 111.17.0+1.1.1m to 111.20.0+1.1.1o (locka99#214) Move session manager up to server level so sessions are transferrable. Also some enforcement of some but not all activation rules. Fix log4rs.yaml and upgrade crate at same time Create SECURITY.md Some documentation updates ...
thedanielhanke
added a commit
to re-gmbh/opcua
that referenced
this pull request
Jun 28, 2022
* mainline/master: (116 commits) Simplify some functions by implementing From trait. Move more async code into session state Give slightly better panic message Fix compiler warning Cleanup import Work in progress Add a default impl for CertificateValidation Allow certificates to look up IP addresses from computer name when generated. Sample key pair set to do this. Add some troubleshooting notes when using demo server for testing Fix unused var warning Add a depth test for decoding nested variants Security1 (locka99#216) Revert "Security1 (locka99#216)" Security1 (locka99#216) Bump regex from 1.5.4 to 1.5.5 (locka99#215) Bump openssl-src from 111.17.0+1.1.1m to 111.20.0+1.1.1o (locka99#214) Move session manager up to server level so sessions are transferrable. Also some enforcement of some but not all activation rules. Fix log4rs.yaml and upgrade crate at same time Create SECURITY.md Some documentation updates ...
thedanielhanke
added a commit
to re-gmbh/opcua
that referenced
this pull request
Jun 28, 2022
* mainline/master: (116 commits) Simplify some functions by implementing From trait. Move more async code into session state Give slightly better panic message Fix compiler warning Cleanup import Work in progress Add a default impl for CertificateValidation Allow certificates to look up IP addresses from computer name when generated. Sample key pair set to do this. Add some troubleshooting notes when using demo server for testing Fix unused var warning Add a depth test for decoding nested variants Security1 (locka99#216) Revert "Security1 (locka99#216)" Security1 (locka99#216) Bump regex from 1.5.4 to 1.5.5 (locka99#215) Bump openssl-src from 111.17.0+1.1.1m to 111.20.0+1.1.1o (locka99#214) Move session manager up to server level so sessions are transferrable. Also some enforcement of some but not all activation rules. Fix log4rs.yaml and upgrade crate at same time Create SECURITY.md Some documentation updates ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Fixes for potential security issues #211 & #212 - excessive chunks & decoding recursion checks on variants / extension objects