| Commit message (Collapse) | Author | Age | Files | Lines |
| |
* Only allow IPv4 literals in strict form
The strict form as defined in RFC 6943, section 3.1.1 only allows the dotted
form ddd.ddd.ddd.ddd of IPv4 literals, where ddd is a one to three digit decimal
number between 0 and 255. Until now octal numbers (with a leading zero) were
interpreted as decimal numbers which has security implications, see
CVE-2021-29922 and CVE-2021-29923.
* Update lib/pure/net.nim
Co-authored-by: Dominik Picheta <dominikpicheta@googlemail.com>
| |
* improve rendering of newOSError.additionalInfo
* fixup
| |
runnableExamples (#18428)
* std/net: show addr+port on address already in use error; code-block => runnableExamples
* var=>let
| |
* Fix net.readLine infinite loop #17534
* fix #17534 add return to template
| |
* Fix small leak in checkCertName
* Size is not needed either
* Free the certificate after checking
| |
* fix 15215
* fix test
* end line
* Update tests/stdlib/tnetconnect.nim
Co-authored-by: flywind <xzsflywind@gmail.com>
* Update lib/pure/net.nim
Co-authored-by: flywind <xzsflywind@gmail.com>
Co-authored-by: Andreas Rumpf <rumpf_a@web.de>
| |
ConvFromXtoItselfNotNeeded, UnusedImport notes (#16764)
| |
* basic cleanups regarding SSL handling
* enabled certificate checking on Windows
* updated the SSL test
* quoting helps
| |
Co-authored-by: Timothee Cour <timothee.cour2@gmail.com>
Co-authored-by: Dominik Picheta <dominikpicheta@googlemail.com>
| |
* Fix broken links in docs
* Fix rand HSlice links
| |
* fix in the net.`$` to print zeros that are not in the compressed group
* Update lib/pure/net.nim
Co-authored-by: Andreas Rumpf <rumpf_a@web.de>
* Update net.nim
Co-authored-by: Andreas Rumpf <rumpf_a@web.de>
| |
* Fixing issue #15302 -- lwip doesn't support signals
* Adding test to catch issue #15302 -- lwip/freertos net library
don't try to build / run on windows, it'll compile only but not run
Fixing issue #15302 -- reworking test to compile on other platforms
| |
* Added SSL_CTX_set_session_id_context()
* Added basic nimdoc
* Raise an error if sessionIdContext is longer than the maximum length
* Update nimdocs
| |
* Added more SSL documentation to `net` module.
* Changed two of the net.nim doc refs to links.
* Update lib/pure/net.nim doc wording.
Co-authored-by: Dominik Picheta <dominikpicheta@googlemail.com>
* Update lib/pure/net.nim - added space to doc URI
Co-authored-by: alaviss <leorize+oss@disroot.org>
* Fixed another doc URI in net module.
* For net module doc added warning to connect procedure.
* Update net.nim
Co-authored-by: Dominik Picheta <dominikpicheta@googlemail.com>
Co-authored-by: alaviss <leorize+oss@disroot.org>
| |
* net: allow close() to ignore SSL failures due to disconnections
Comes with this PR is also a SIGPIPE handling contraption.
* net: don't do selectSigpipe() on macOS
macOS sockets have SO_NOSIGPIPE set, so an EPIPE doesn't necessarily mean
that a SIGPIPE happened.
* net: fix alreadyBlocked logic
* net: WSAESHUTDOWN is also a disconnection error
| |
* asyncnet, net: don't attempt SSL_shutdown if a fatal error occurred
Per TLS standard and SSL_shutdown(3ssl). This should prevent errors
coming from a close() after a bad event (i.e. the other end of the pipe
is closed before shutdown can be negotiated).
Ref #9867
* tssl: try sending until an error occurs
* tssl: cleanup
* tssl: actually run the test
I forgot to make the test run :P
* tssl: run the test on ARC, maybe then it'll be happy
* tssl: turns off ARC, switch tlsEmulation on for freebsd
* tssl: document why tlsEmulation is employed
* net: move SafeDisconn handling logic to socketError
| |
* {.deprecated: [existsFile: fileExists].}
* s/existsFile/fileExists/ except under deps
* workaround pending #14819
* fix test
| |
This reverts commit d53a6355f3ad4401731142d8fc66b95ecfdfb321 and
688b1f250ed058ecc49737dc75fd089206fa25b9.
| |
The default DLLs shipped are too old, switch to CiphersOld list to
ensure compatibility.
This commit should be reverted before any future release.
| |
And the fun thing is that currently we use a super old OpenSSL on
Windows.
| |
This setting is required for servers running OpenSSL < 1.1.0 to support
EC-based secure ciphers that are now part of the default cipher list.
| |
Previously, the `net` module used the blanket "ALL" as the default cipher
list. This list may contain security ciphers that are weak and/or outdated
according to the current standard.
This commit introduces a new module `ssl_config` that contains the
latest OpenSSL configurations as recommended by Mozilla OpSec, and
makes the `net` module use the cipher list targeting `intermediate`
compatibility level as the default.
| |
Per SSL_get_error(3):
The current thread's error queue must be empty before the TLS/SSL I/O
operation is attempted, or SSL_get_error() will not work reliably.
There have been records of not clearing the error queue causing weird SSL
errors when there shouldn't be any, see:
https://github.com/openssl/openssl/issues/11889
| |
Now matches the declaration in openssl/err.h
| |
You're supposed to clear the error queue before any I/O operations. Per
SSL_get_error(3) man page.
This reverts commit ee3ed37300743addb1344e39bc46d3cd2b89a718.
| |
Closing a socket clears the error queue of the entire thread, which
seems to be a bit too invasive.
Also I don't find any reason in the PR that added this.
| |
This commit prevents "SSL_shutdown while in init" errors from happening.
See https://github.com/openssl/openssl/issues/710#issuecomment-253897666