summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorGab Virebent <gab@virebent.art>2026-06-26 19:20:00 +0200
committerGab Virebent <gab@virebent.art>2026-06-26 19:20:00 +0200
commitfb48d1308d2f63f8e9b23c5d1d921783fa0dacbe (patch)
treeceecce2f057cd4ea1e6724305fcd52915939c419 /include
parent41c4bfecc770ea7c914e845e4ac3792cb4a473d3 (diff)
downloadgmnisrv-main.tar.gz
gmnisrv-main.tar.xz
gmnisrv-main.zip
Serve CA full chain (Let's Encrypt), TLS 1.3, fix handshake buffer overflowHEADmain
- tls.c/config.h: read full PEM chain into STACK_OF(X509), send via SSL_set1_chain - tls.c: minimum protocol TLS 1.2 -> TLS 1.3 - server.c: drain handshake output via local buffer loop instead of staging into the fixed 4 KB client buffer (a full CA chain overflowed it -> assert) - FORK.md: describe the fork
Diffstat (limited to 'include')
-rw-r--r--include/config.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/config.h b/include/config.h
index f893b20..071c253 100644
--- a/include/config.h
+++ b/include/config.h
@@ -38,6 +38,7 @@ struct gmnisrv_host {
char *hostname;
X509 *x509;
EVP_PKEY *pkey;
+ STACK_OF(X509) *chain;
struct gmnisrv_route *routes;