gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-14 18:20:42 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
9ff8bcde2e46009e98bd9e88f598af355f62c168
nats-server/server
History
Ivan Kozlovic 9ff8bcde2e [FIXED] Possible panic if server receives a maliciously crafted JWT 
This addresses [CVE-2020-26521](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26521)

This is mainly a port of #1624 with some other updates related
to tests.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
2020-10-21 10:22:57 -06:00
..
configs
Implement basePath for monitoring endpoints
2020-05-13 23:29:11 +02:00
pse
fix string trim func usage in pse
2019-10-15 23:55:13 +08:00
accounts_test.go
[UPDATED] TCP Write and SlowConsumer handling
2019-12-31 15:06:27 -07:00
accounts.go
[FIXED] Possible panic if server receives a maliciously crafted JWT
2020-10-21 10:22:57 -06:00
auth_test.go
Added parser for new style authorizations
2018-08-22 20:41:48 -07:00
auth.go
[FIXED] Better support for distinguishedNameMatch in TLS Auth
2020-09-03 10:12:06 -06:00
ciphersuites.go
Add TLS 1.3 (and new ciphers) in the tlsVersion output
2020-03-18 10:09:23 -06:00
client_test.go
[FIXED] Connection name in log statement for some IPv6 addresses
2020-09-01 08:23:45 -06:00
client.go
[FIXED] Connection name in log statement for some IPv6 addresses
2020-09-01 08:23:45 -06:00
closed_conns_test.go
Fixed issues reported by staticcheck
2019-12-04 17:04:58 -07:00
config_check_test.go
Tune some code/test for Windows
2019-11-21 14:32:46 -07:00
const.go
Release 2.1.8
2020-09-03 15:39:47 -06:00
errors_test.go
Renaming IsErr to ErrorIs
2020-02-25 19:53:09 -05:00
errors.go
Renaming IsErr to ErrorIs
2020-02-25 19:53:09 -05:00
events_test.go
[FIXES] Unnecessary account reloads and pointer to old accounts
2020-05-11 21:51:41 -04:00
events.go
[FIXES] Unnecessary account reloads and pointer to old accounts
2020-05-11 21:51:41 -04:00
gateway_test.go
Fix flappers
2020-08-27 17:07:04 -06:00
gateway.go
[FIXED] Race condition during implicit Gateway reconnection
2020-08-27 14:36:54 -06:00
jwt_test.go
[FIXED] Possible panic if server receives a maliciously crafted JWT
2020-10-21 10:22:57 -06:00
jwt.go
Make ReadOperatorJWT public for embedded use case. Fixes #1050
2019-07-01 11:14:21 -07:00
leafnode_test.go
Fix flappers
2020-08-27 17:07:04 -06:00
leafnode.go
[FIXED] LeafNode solicit failure race could leave conn registered
2020-08-27 15:04:40 -06:00
log_test.go
[FIXED] Log file size limit not honored after re-open signal
2020-09-01 08:11:34 -06:00
log.go
[FIXED] Log file size limit not honored after re-open signal
2020-09-01 08:11:34 -06:00
monitor_sort_opts.go
lint updates
2019-05-06 15:41:38 -07:00
monitor_test.go
Implement basePath for monitoring endpoints
2020-05-13 23:29:11 +02:00
monitor.go
Implement basePath for monitoring endpoints
2020-05-13 23:29:11 +02:00
nkey_test.go
Refactor async client tests
2019-12-12 11:58:24 -07:00
nkey.go
Don't erase nonce on reload
2018-12-06 15:09:14 -08:00
norace_test.go
Fix flappers
2020-08-27 17:07:04 -06:00
opts_test.go
Implement basePath for monitoring endpoints
2020-05-13 23:29:11 +02:00
opts.go
Implement basePath for monitoring endpoints
2020-05-13 23:29:11 +02:00
parser_test.go
Moving inbound tracing to the caller (client.parse)
2020-03-04 17:31:18 -05:00
parser.go
Remove double trace on split buffer
2020-03-13 21:06:30 -04:00
ping_test.go
Update for client rename
2019-05-10 15:11:30 -07:00
reload_test.go
Fix flappers
2020-08-27 17:07:04 -06:00
reload.go
Move reset of internal client to after the account sublist was moved.
2020-05-13 15:52:29 -04:00
ring_test.go
ring buffer test
2018-10-06 14:06:14 -07:00
ring.go
Adding an option to include subscription details in monitoring responses.
2020-03-23 12:25:51 -04:00
route.go
[FIXED] Update remote gateway URLs when node goes away in cluster
2020-04-20 13:48:47 -06:00
routes_test.go
Fix flappers
2020-08-27 17:07:04 -06:00
server_test.go
Fix flappers
2020-08-27 17:07:04 -06:00
server.go
[FIXED] Possible panic if server receives a maliciously crafted JWT
2020-10-21 10:22:57 -06:00
service_test.go
Update license to Apache 2
2018-03-15 22:31:07 -07:00
service_windows.go
Shutdown on Ctrl+C
2019-11-14 20:05:32 -07:00
service.go
Update license to Apache 2
2018-03-15 22:31:07 -07:00
signal_test.go
Update go.mod to satisfy v2 requirements
2019-06-03 19:45:47 -06:00
signal_windows.go
Shutdown on Ctrl+C
2019-11-14 20:05:32 -07:00
signal.go
Shutdown on Ctrl+C
2019-11-14 20:05:32 -07:00
split_test.go
Refactor async client tests
2019-12-12 11:58:24 -07:00
sublist_test.go
Fixed benchmark tests to be able to run with Go 1.13+
2020-02-26 12:12:18 -07:00
sublist.go
[FIXEd] subsz monitoring endpoint did not account for accounts.
2020-05-06 15:48:51 -04:00
trust_test.go
Updates for operator based configurations.
2018-12-02 20:34:33 -08:00
util_test.go
enhance ut for server
2019-01-18 10:54:04 +08:00
util.go
Update to connect/reconnect error reports logic
2019-05-26 17:51:01 -06:00