xCAT/xNBA
2
0
Fork 0
mirror of https://github.com/xcat2/xNBA.git synced 2024-11-25 19:08:35 +00:00
Code Issues Projects Releases Wiki Activity
xCAT Network Boot Agent
4,292 Commits 4 Branches 0 Tags 13 MiB
C 94.5%
Objective-C 2.1%
Assembly 1.3%
Perl 0.9%
Makefile 0.4%
Other 0.7%
72db14640c
Go to file
Michael Brown 72db14640c [tls] Split received records over multiple I/O buffers 
TLS servers are not obliged to implement the RFC3546 maximum fragment
length extension, and many common servers (including OpenSSL, as used
in Apache's mod_ssl) do not do so.  iPXE may therefore have to cope
with TLS records of up to 16kB.  Allocations for 16kB have a
non-negligible chance of failing, causing the TLS connection to abort.

Fix by maintaining the received record as a linked list of I/O
buffers, rather than a single contiguous buffer.  To reduce memory
pressure, we also decrypt in situ, and deliver the decrypted data via
xfer_deliver_iob() rather than xfer_deliver_raw().

Signed-off-by: Michael Brown <mcb30@ipxe.org>
2012-09-27 01:56:01 +01:00
contrib [contrib] Fix rom-o-matic git version number issues 2012-07-23 17:07:31 +01:00
src [tls] Split received records over multiple I/O buffers 2012-09-27 01:56:01 +01:00
COPYING Initial revision 2005-05-17 16:44:57 +00:00
COPYRIGHTS [build] Rename gPXE to iPXE 2010-04-19 23:43:39 +01:00
README [doc] Re-add README file 2010-05-28 00:03:47 +01:00

README 

iPXE README File

Quick start guide:

   cd src
   make

For any more detailed instructions, see http://ipxe.org