Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge from upstream #48

Merged
merged 10 commits into from
Jul 11, 2018
Merged

Merge from upstream #48

merged 10 commits into from
Jul 11, 2018

Commits on Jul 5, 2018

  1. Increase --abi-serializer-max-time-ms for slow test machines

    @heifner
    heifner committed Jul 5, 2018
    Configuration menu
    Copy the full SHA
    e25b3d0 View commit details
    Browse the repository at this point in the history

  2. Remove rouge '0' from help text

    @spoonincode
    spoonincode committed Jul 5, 2018
    Configuration menu
    Copy the full SHA
    c20903d View commit details
    Browse the repository at this point in the history

  3. 0.1s not enough time for slow darwin test machine

    @heifner
    heifner committed Jul 5, 2018
    Configuration menu
    Copy the full SHA
    1a0a1fb View commit details
    Browse the repository at this point in the history

  4. Merge pull request #4504 from EOSIO/gh#4503-fix-tests 

    Increase --abi-serializer-max-time-ms for slow test machines
    @heifner
    heifner authored Jul 5, 2018
    Configuration menu
    Copy the full SHA
    1a2c7b4 View commit details
    Browse the repository at this point in the history

  5. Merge pull request #4508 from EOSIO/sneaky_zero 

    Remove rouge '0' from help text
    @heifner
    heifner authored Jul 5, 2018
    Configuration menu
    Copy the full SHA
    9871ed6 View commit details
    Browse the repository at this point in the history

Commits on Jul 10, 2018

  1. consolidated security omnibus for 1.0.9 

    - Handle running out of fds on bnet accept
- add basic validation to http `Host` headers on incoming requests
  * the header must exactly match an expected server[:port]
  * missing ports are assumed defaulted based on scheme to 80/443
- add new configuration option `http-alias` to add additional acceptable hosts
  * the host:port present in the http(s) addresses is automatically acceptable but must be exact (localhost === localhost,  localhost !== 127.0.0.1, etc)
- add new configuration option `http-validate-host` which defaults to true, if false these checks are not performed and any `Host` header is acceptable
- correct cleos behavior which was not sending correct `Host` headers when the urls indicated non-default ports

Co-authored-by: Bart Wyatt <bart.wyatt@block.one>
Co-authored-by: Matt Witherspoon <32485495+spoonincode@users.noreply.github.com>
    @b1bart @spoonincode
    b1bart and spoonincode committed Jul 10, 2018
    Configuration menu
    Copy the full SHA
    0a29de7 View commit details
    Browse the repository at this point in the history

Commits on Jul 11, 2018

  1. bump verison to 1.0.9

    @b1bart
    b1bart committed Jul 11, 2018
    Configuration menu
    Copy the full SHA
    4e3d05a View commit details
    Browse the repository at this point in the history

  2. Merge pull request #4580 from EOSIO/feature/1.0.9-security-omnibus 

    consolidated security omnibus for 1.0.9
    @b1bart
    b1bart authored Jul 11, 2018
    Configuration menu
    Copy the full SHA
    71ee626 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #4581 from EOSIO/feature/bump-version-to-1.0.9 

    bump version to 1.0.9
    @b1bart
    b1bart authored Jul 11, 2018
    Configuration menu
    Copy the full SHA
    c6c3923 View commit details
    Browse the repository at this point in the history

  4. Merge pull request #4582 from EOSIO/release/1.0.x 

    Release 1.0.9
    @b1bart
    b1bart authored Jul 11, 2018
    Configuration menu
    Copy the full SHA
    ef654aa View commit details
    Browse the repository at this point in the history