[OpenSIPS-Devel] [OpenSIPS/opensips] 41f788: rest_client: Add the 'max_transfer_size' setting
Liviu Chircu
noreply at github.com
Wed Nov 17 13:37:00 EST 2021
Branch: refs/heads/3.2
Home: https://github.com/OpenSIPS/opensips
Commit: 41f78830af42be7508b515eabf986ae8db9f9adb
https://github.com/OpenSIPS/opensips/commit/41f78830af42be7508b515eabf986ae8db9f9adb
Author: Liviu Chircu <liviu at opensips.org>
Date: 2021-11-17 (Wed, 17 Nov 2021)
Changed paths:
M modules/rest_client/doc/rest_client_admin.xml
M modules/rest_client/rest_cb.c
M modules/rest_client/rest_cb.h
M modules/rest_client/rest_client.c
M modules/rest_client/rest_client.h
Log Message:
-----------
rest_client: Add the 'max_transfer_size' setting
Sets a limit on the maximum size of a single download. May be important
for security purposes, to prevent certain attack vectors such as
malicious "x5u" certificate URLs in STIR/SHAKEN setups.
Default: 0 KB (check disabled)
Issue discovered during OpenSIPIt'02,
by Alfred Farrugia & Sandro Gauci (Enable Security)
More information about the Devel
mailing list