mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2025-04-25 16:36:54 +02:00
19 lines
1.2 KiB
Text
19 lines
1.2 KiB
Text
zssp has been moved into it's own crate.
|
|
|
|
zssp has been cut up into several files, only the new zssp.rs file contains the critical security path.
|
|
|
|
Standardized the naming conventions for security variables throughout zssp.
|
|
|
|
Implemented a safer version of write_all for zssp to use. This has 3 benefits: it completely prevents unknown io errors, making error handling easier and self-documenting; it completely prevents src from being truncated in dest, putting in an extra barrier to prevent catastrophic key truncation; and it has slightly less performance overhead than a write_all.
|
|
|
|
Implemented a safer version of read_exact for zssp to use. This has similar benefits to the previous change.
|
|
|
|
Refactored most buffer logic to use safe_read_exact and safe_write_all, the resulting code is less verbose and easier to analyze: Because of this refactor the buffer overrun below was caught.
|
|
|
|
Fixed a buffer overrun panic when decoding alice_ratchet_key_fingerprint
|
|
|
|
Renamed variables and added extra intermediate values so encoding and decoding are more obviously symmetric.
|
|
|
|
Added multiple comments.
|
|
|
|
Removed Box<EphemeralOffer>, EphemeralOffer is now passed out by reference instead of returned up the stack.
|