deefecc262 
								
							 
						 
						
							
							
								
								lib/server: Close connection when client app-level handshake fails  
							
							... 
							
							
							
							This fixes the following security vulnerability:
 - CVE-2021-42075 DoS via file descriptor exhaustion
The issue has been reported by Matthias Gerstner <mgerstner@suse.de>. 
							
						 
						
							2021-11-01 05:58:21 +02:00  
				
					
						
							
							
								 
						
							
								20f66fe133 
								
							 
						 
						
							
							
								
								lib/common: Clean up declarations of {S,U}Int{8,16,32} types  
							
							
							
						 
						
							2021-11-01 05:56:53 +02:00  
				
					
						
							
							
								 
						
							
								676fa39f9a 
								
							 
						 
						
							
							
								
								lib/platform: Switch remaining ObjC source files to ObjC++  
							
							
							
						 
						
							2021-11-01 05:56:53 +02:00  
				
					
						
							
							
								 
						
							
								00e182d22e 
								
							 
						 
						
							
							
								
								Merge pull request  #1347  from p12tic/enforce-max-message-length  
							
							... 
							
							
							
							Enforce max message length [SECURITY VULNERABILITY CVE-2021-42076] 
							
						 
						
							2021-11-01 05:56:38 +02:00  
				
					
						
							
							
								 
						
							
								dd31d0a539 
								
							 
						 
						
							
							
								
								Merge pull request  #1348  from p12tic/fix-openssl-windows-applink  
							
							... 
							
							
							
							Include openssl applink shim into Windows builds 
							
						 
						
							2021-11-01 05:56:22 +02:00  
				
					
						
							
							
								 
						
							
								e8ac56b045 
								
							 
						 
						
							
							
								
								lib/net: Include openssl applink shim into Windows builds  
							
							
							
						 
						
							2021-11-01 05:48:26 +02:00  
				
					
						
							
							
								 
						
							
								fd5295eb31 
								
							 
						 
						
							
							
								
								lib/barrier: Disconnect client on too long input packets  
							
							... 
							
							
							
							This commit is the 3/3 part of the fix for the following security
vulnerability:
 - CVE-2021-42076 DoS via excess length messages
The issue has been reported by Matthias Gerstner <mgerstner@suse.de>. 
							
						 
						
							2021-11-01 05:18:53 +02:00  
				
					
						
							
							
								 
						
							
								af90f39b4a 
								
							 
						 
						
							
							
								
								lib/net: Limit the maximum size of TCP or SSL input buffers  
							
							... 
							
							
							
							This commit is the 2/3 part of the fix for the following security
vulnerability:
 - CVE-2021-42076 DoS via excess length messages
The issue has been reported by Matthias Gerstner <mgerstner@suse.de>. 
							
						 
						
							2021-11-01 05:18:52 +02:00  
				
					
						
							
							
								 
						
							
								e33c81b835 
								
							 
						 
						
							
							
								
								lib: Enforce a maximum length of input messages  
							
							... 
							
							
							
							This commit is the 1/3 part of the fix for the following security
vulnerability:
 - CVE-2021-42076 DoS via excess length messages
The issue has been reported by Matthias Gerstner <mgerstner@suse.de>. 
							
						 
						
							2021-11-01 05:18:51 +02:00  
				
					
						
							
							
								 
						
							
								cc369820d4 
								
							 
						 
						
							
							
								
								lib/server: Remove unused code  
							
							
							
						 
						
							2021-11-01 05:18:50 +02:00  
				
					
						
							
							
								 
						
							
								7ab8e0101d 
								
							 
						 
						
							
							
								
								lib/server: Add a note about taking pointer to virtual member function  
							
							
							
						 
						
							2021-11-01 05:18:49 +02:00  
				
					
						
							
							
								 
						
							
								b677a0b419 
								
							 
						 
						
							
							
								
								Merge pull request  #1344  from p12tic/windows-build-cleanup  
							
							... 
							
							
							
							Windows build cleanup 
							
						 
						
							2021-11-01 05:16:09 +02:00  
				
					
						
							
							
								 
						
							
								b5adc93e2b 
								
							 
						 
						
							
							
								
								Merge pull request  #1346  from p12tic/client-identity-verification  
							
							... 
							
							
							
							Implement client identity verification [SECURITY VULNERABILITIES CVE-2021-42072, CVE-2021-42073] 
							
						 
						
							2021-11-01 05:15:48 +02:00  
				
					
						
							
							
								 
						
							
								7cacbd1489 
								
							 
						 
						
							
							
								
								gui: Improve formatting of the fingerprint acceptance dialog  
							
							
							
						 
						
							2021-11-01 04:50:17 +02:00  
				
					
						
							
							
								 
						
							
								165100a0d2 
								
							 
						 
						
							
							
								
								gui: Extract barrier type to separate enum  
							
							
							
						 
						
							2021-11-01 04:50:16 +02:00  
				
					
						
							
							
								 
						
							
								229abab99f 
								
							 
						 
						
							
							
								
								Implement client identity verification  
							
							... 
							
							
							
							This commit fixes two security vulnerabilities: CVE-2021-42072 and
CVE-2021-42073.
The issues have been reported by Matthias Gerstner <mgerstner@suse.de>. 
							
						 
						
							2021-11-01 04:50:15 +02:00  
				
					
						
							
							
								 
						
							
								e79bdf333c 
								
							 
						 
						
							
							
								
								gui: Fix fingerprint database being not populated due to missing dirs  
							
							
							
						 
						
							2021-11-01 04:50:14 +02:00  
				
					
						
							
							
								 
						
							
								57769cffda 
								
							 
						 
						
							
							
								
								lib/net: Pass connection security level to within socket classes  
							
							
							
						 
						
							2021-11-01 04:50:13 +02:00  
				
					
						
							
							
								 
						
							
								5c7d7194d5 
								
							 
						 
						
							
							
								
								lib/net: Use enum for connection security level instead of boolean  
							
							
							
						 
						
							2021-11-01 04:50:12 +02:00  
				
					
						
							
							
								 
						
							
								82b8fa905e 
								
							 
						 
						
							
							
								
								lib/net: Improve name of showCertificate() to reflect what it does  
							
							
							
						 
						
							2021-11-01 04:50:11 +02:00  
				
					
						
							
							
								 
						
							
								133e447fb6 
								
							 
						 
						
							
							
								
								lib/net: Don't hardcode fingerprint DB path in verify_cert_fingerprint()  
							
							
							
						 
						
							2021-11-01 04:50:10 +02:00  
				
					
						
							
							
								 
						
							
								8bc280e0dd 
								
							 
						 
						
							
							
								
								gui: Add configuration for requiring client certificates  
							
							
							
						 
						
							2021-11-01 04:50:09 +02:00  
				
					
						
							
							
								 
						
							
								ed32e2e326 
								
							 
						 
						
							
							
								
								gui: Expand checkboxes in settings dialog through both grid columns  
							
							
							
						 
						
							2021-11-01 04:50:08 +02:00  
				
					
						
							
							
								 
						
							
								4d73ed9fdd 
								
							 
						 
						
							
							
								
								lib/net: Present client certificate when connecting to server  
							
							
							
						 
						
							2021-11-01 04:50:07 +02:00  
				
					
						
							
							
								 
						
							
								92ba6f61e6 
								
							 
						 
						
							
							
								
								gui: Move SSL fingerprint labels out of server frame  
							
							... 
							
							
							
							SSL fingerprints will be used to auth both server and client. 
							
						 
						
							2021-11-01 04:50:06 +02:00  
				
					
						
							
							
								 
						
							
								c0ce893711 
								
							 
						 
						
							
							
								
								lib/net: Load client SSL certificates when connecting  
							
							
							
						 
						
							2021-11-01 04:50:05 +02:00  
				
					
						
							
							
								 
						
							
								cb0480fe84 
								
							 
						 
						
							
							
								
								cmake: Silence tr1 deprecation warning on MSVC  
							
							
							
						 
						
							2021-11-01 04:48:56 +02:00  
				
					
						
							
							
								 
						
							
								f9c051fc82 
								
							 
						 
						
							
							
								
								Use cmake --build to build on Windows  
							
							
							
						 
						
							2021-11-01 04:48:56 +02:00  
				
					
						
							
							
								 
						
							
								6d7eca42b7 
								
							 
						 
						
							
							
								
								Merge pull request  #1345  from p12tic/filesystem-cleanup  
							
							... 
							
							
							
							Filesystem operations cleanup 
							
						 
						
							2021-11-01 04:47:16 +02:00  
				
					
						
							
							
								 
						
							
								0f3afed664 
								
							 
						 
						
							
							
								
								gui: Switch SSL certificate handler to barrier::fs paths  
							
							
							
						 
						
							2021-11-01 04:29:54 +02:00  
				
					
						
							
							
								 
						
							
								b76b332f2f 
								
							 
						 
						
							
							
								
								lib/common: Move SSL certificate path definition to common location  
							
							
							
						 
						
							2021-11-01 04:29:53 +02:00  
				
					
						
							
							
								 
						
							
								d033ffa3d8 
								
							 
						 
						
							
							
								
								lib/net: Use fs::is_regular_file() to check for path existence  
							
							
							
						 
						
							2021-11-01 04:29:52 +02:00  
				
					
						
							
							
								 
						
							
								220f9e8274 
								
							 
						 
						
							
							
								
								lib/common: Remove unused file  
							
							
							
						 
						
							2021-11-01 04:29:51 +02:00  
				
					
						
							
							
								 
						
							
								a2ca7e29f5 
								
							 
						 
						
							
							
								
								lib/common: Switch data directories to fs::path  
							
							
							
						 
						
							2021-11-01 04:29:50 +02:00  
				
					
						
							
							
								 
						
							
								298980fa86 
								
							 
						 
						
							
							
								
								lib/common: Move DataDirectories to barrier namespace  
							
							
							
						 
						
							2021-11-01 04:29:49 +02:00  
				
					
						
							
							
								 
						
							
								677612d342 
								
							 
						 
						
							
							
								
								lib/common: Replace PathUtilities::basename with barrier::fs equivalent  
							
							
							
						 
						
							2021-11-01 04:29:48 +02:00  
				
					
						
							
							
								 
						
							
								e7d936b5d7 
								
							 
						 
						
							
							
								
								lib/common: Replace PathUtilities::concat with barrier::fs equivalent  
							
							
							
						 
						
							2021-11-01 04:29:47 +02:00  
				
					
						
							
							
								 
						
							
								bcafdc6783 
								
							 
						 
						
							
							
								
								src/lib: Switch to ghc::filesystem in path utilities  
							
							
							
						 
						
							2021-11-01 04:29:46 +02:00  
				
					
						
							
							
								 
						
							
								a987605513 
								
							 
						 
						
							
							
								
								lib/io: Rename fstream.h to filesystem.h  
							
							
							
						 
						
							2021-11-01 04:29:45 +02:00  
				
					
						
							
							
								 
						
							
								801a5a7084 
								
							 
						 
						
							
							
								
								ext: Add  https://github.com/gulrak/filesystem  for filesystem operations  
							
							
							
						 
						
							2021-11-01 04:29:44 +02:00  
				
					
						
							
							
								 
						
							
								22ac14be8c 
								
							 
						 
						
							
							
								
								Merge pull request  #1343  from p12tic/sha256-fingerprints  
							
							... 
							
							
							
							Add support for SHA256 fingerprints 
							
						 
						
							2021-11-01 04:21:17 +02:00  
				
					
						
							
							
								 
						
							
								a428b61c7d 
								
							 
						 
						
							
							
								
								gui: Add support for SHA256 fingerprints  
							
							... 
							
							
							
							For the time being both SHA1 and SHA256 fingerprints will be shown in
the UI. This allows users to verify new connections between old and new
versions of Barrier. After the initial verification we use SHA256
fingerprints.
The issue has been reported by Matthias Gerstner <mgerstner@suse.de>. 
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								c7e6fc6c7e 
								
							 
						 
						
							
							
								
								gui: Set the size of the window to the size of the contents  
							
							
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								b7757fbd68 
								
							 
						 
						
							
							
								
								lib/net: Implement a way to generate fingerprint randomart  
							
							... 
							
							
							
							The code has been copied from OpenSSH. 
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								a238b27879 
								
							 
						 
						
							
							
								
								gui: Simplify isCertificateValid()  
							
							
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								7cced74119 
								
							 
						 
						
							
							
								
								lib/net: Use FingerprintData to represent fingerprints  
							
							
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								50534ecb43 
								
							 
						 
						
							
							
								
								lib/net: Use new FingerprintDatabase to handle fingerprints  
							
							
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								be8ba0d132 
								
							 
						 
						
							
							
								
								gui: Use new FingerprintDatabase to handle fingerprints  
							
							
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								9cac96b4af 
								
							 
						 
						
							
							
								
								lib/net: Implement a reusable fingerprint database  
							
							
							
						 
						
							2021-11-01 04:07:09 +02:00  
				
					
						
							
							
								 
						
							
								3e71b468f6 
								
							 
						 
						
							
							
								
								lib: Remove useless empty constructors  
							
							
							
						 
						
							2021-11-01 04:07:09 +02:00