Stephan Heinrich issues

Results 4 issues of


                                            Stephan Heinrich

remove SSL_OP_NO_TICKET

disabling the tls session resumption causes with the command SSL_shutdown() high memory consumption, when a client authenticates with TLS mutual on /cacerts or/and /csrattrs fixes #56

fix memory leak in /cacert operation on clientside

there is a memory leak on the clientside #### openssl manpage (https://www.openssl.org/docs/man1.0.2/crypto/X509_STORE_CTX_init.html): X509_STORE_CTX_cleanup() internally cleans up an X509_STORE_CTX structure. The context can then be reused with an new call to...

Possible Buffer overflow: add length checks to header creation

### est_client.c: When the generated header is bigger than EST_HTTP_HDR_MAX the ```C /* * Build the HTTP body containing the pkcs10 request */ memcpy_s(http_data + hdr_len, EST_HTTP_REQ_DATA_MAX, bptr->data, (rsize_t)bptr->length); hdr_len...

High heap allocation by the /cacerts-operation on the server

I was able to reach more than **100 MiB** ram usage on the server by issuing /cacerts requests. This only happens when using TLS mutual authentication. When i use http...