- 30 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
The function ssl3_get_message gets a whole message from the underlying bio and returns it to the state machine code. The new state machine code will split this into two discrete steps: get the message header and get the message body. This commit splits the existing function into these two sub steps to facilitate the state machine implementation. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 24 10月, 2015 2 次提交
-
-
由 Alessandro Ghedini 提交于
RT#4081 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Alessandro Ghedini 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 21 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Change the sanity check in PACKET_buf_init to check for excessive length buffers, which should catch the interesting cases where len has been cast from a negative value whilst avoiding any undefined behaviour. RT#4094 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 15 10月, 2015 2 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
False positive: gcc (4.8) can't figure out the SSL_IS_DTLS logic. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 10月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
PR#4035 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 09 10月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Note that this commit constifies a user callback parameter and therefore will break compilation for applications using this callback. But unless they are abusing write access to the buffer, the fix is trivial. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 08 10月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 07 10月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
The function ssl_check_for_safari fingerprints the incoming extensions to see whether it is one of the broken versions of safari. However it was failing to reset the PACKET back to the same position it started in, hence causing some extensions to be skipped incorrectly. Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 06 10月, 2015 6 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Alessandro Ghedini 提交于
RT#4069 Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
The user callback takes a non-const pointer, so don't pass PACKET data to it directly; rather, grab a local copy. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Fix alerts. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Move all packet parsing to the beginning of the method. This limits the SSLv2 compatibility soup to the parsing, and makes the rest of the processing uniform. This is also needed for simpler EMS support: EMS servers need to do an early scan for EMS to make resumption decisions. This'll be easier when the entire ClientHello is parsed in the beginning. As a side effect, 1) PACKETize ssl_get_prev_session and tls1_process_ticket; and 2) Delete dead code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 05 10月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NBen Laurie <ben@openssl.org>
-
- 03 10月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 10月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
This patch updates the "DEFAULT" cipherstring to be "ALL:!COMPLEMENTOFDEFAULT:!eNULL". COMPLEMENTOFDEFAULT is now defined internally by a flag on each ciphersuite indicating whether it should be excluded from DEFAULT or not. This gives us control at an individual ciphersuite level as to exactly what is in DEFAULT and what is not. Finally all DES, RC4 and RC2 ciphersuites are added to COMPLEMENTOFDEFAULT and hence removed from DEFAULT. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 30 9月, 2015 1 次提交
-
-
由 David Woodhouse 提交于
Much related/similar work also done by Ivan Nestlerode <ivan.nestlerode@sonos.com> +Replace FILE BIO's with dummy ops that fail. +Include <stdio.h> for sscanf() even with no-stdio (since the declaration is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment variable, since it can be larger than a 'long'. And we don't rely on the availability of strtoull(). +Remove OPENSSL_stderr(); not used. +Make OPENSSL_showfatal() do nothing (currently without stdio there's nothing we can do). +Remove file-based functionality from ssl/. The function prototypes were already gone, but not the functions themselves. +Remove unviable conf functionality via SYS_UEFI +Add fallback definition of BUFSIZ. +Remove functions taking FILE * from header files. +Add missing DECLARE_PEM_write_fp_const +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out, so remove its prototype. +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid(). +Eliminate SRP_VBASE_init() and supporting functions. Users will need to build the verifier manually instead. +Eliminate compiler warning for unused do_pk8pkey_fp(). +Disable TEST_ENG_OPENSSL_PKEY. +Disable GOST engine as is uses [f]printf all over the place. +Eliminate compiler warning for unused send_fp_chars(). Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 28 9月, 2015 2 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Emilia Kasper 提交于
RFC 5077 section 3.3 says: If the server determines that it does not want to include a ticket after it has included the SessionTicket extension in the ServerHello, then it sends a zero-length ticket in the NewSessionTicket handshake message. Previously the client would fail upon attempting to allocate a zero-length buffer. Now, we have the client ignore the empty ticket and keep the existing session. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 25 9月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Previously you could only set both the default path and file locations together. This adds the ability to set one without the other. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 23 9月, 2015 5 次提交
-
-
由 Matt Caswell 提交于
Add a sanity check that the cookie_len returned by app_gen_cookie_cb is valid. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
The old implementation of DTLSv1_listen which has now been replaced still had a few vestiges scattered throughout the code. This commit removes them. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
The existing implementation of DTLSv1_listen() is fundamentally flawed. This function is used in DTLS solutions to listen for new incoming connections from DTLS clients. A client will send an initial ClientHello. The server will respond with a HelloVerifyRequest containing a unique cookie. The client the responds with a second ClientHello - which this time contains the cookie. Once the cookie has been verified then DTLSv1_listen() returns to user code, which is typically expected to continue the handshake with a call to (for example) SSL_accept(). Whilst listening for incoming ClientHellos, the underlying BIO is usually in an unconnected state. Therefore ClientHellos can come in from *any* peer. The arrival of the first ClientHello without the cookie, and the second one with it, could be interspersed with other intervening messages from different clients. The whole purpose of this mechanism is as a defence against DoS attacks. The idea is to avoid allocating state on the server until the client has verified that it is capable of receiving messages at the address it claims to come from. However the existing DTLSv1_listen() implementation completely fails to do this. It attempts to super-impose itself on the standard state machine and reuses all of this code. However the standard state machine expects to operate in a stateful manner with a single client, and this can cause various problems. A second more minor issue is that the return codes from this function are quite confused, with no distinction made between fatal and non-fatal errors. Most user code treats all errors as non-fatal, and simply retries the call to DTLSv1_listen(). This commit completely rewrites the implementation of DTLSv1_listen() and provides a stand alone implementation that does not rely on the existing state machine. It also provides more consistent return codes. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Emilia Kasper 提交于
Get rid of the third field that is no longer needed. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
Since SSLv3, a CipherSuite is always 2 bytes. The only place where we need 3-byte ciphers is SSLv2-compatible ClientHello processing. So, remove the ssl_put_cipher_by_char indirection. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 20 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 9月, 2015 2 次提交
-
-
由 Emilia Kasper 提交于
It's unused, and the same functionality can be achieved with saving a copy of the struct. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
The bookmark API results in a lot of boilerplate error checking that can be much more easily achieved with a simple struct copy. It also lays the path for removing the third PACKET field. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 17 9月, 2015 3 次提交
-
-
由 Filipe DA SILVA 提交于
Make sure it's valid very early. Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Emilia Kasper 提交于
Simplify encrypted premaster secret reading by using new methods in the PACKET API. Don't overwrite the packet buffer. RSA decrypt accepts truncated ciphertext with leading zeroes omitted, so it's even possible that by crafting a valid ciphertext with several leading zeroes, this could cause a few bytes out-of-bounds write. The write is harmless because of the size of the underlying message buffer, but nevertheless we shouldn't write into the packet. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Kurt Roeckx 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> MR #1128
-
- 16 9月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 15 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
For server use a PSK identity hint value in the CERT structure which is inherited when SSL_new is called and which allows applications to set hints on a per-SSL basis. The previous version of SSL_use_psk_identity_hint tried (wrongly) to use the SSL_SESSION structure. PR#4039 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 11 9月, 2015 1 次提交
-
-
由 Ben Laurie 提交于
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require any code changes). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 9月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Reviewed-by: NDr Stephen Henson <steve@openssl.org>
-
- 09 9月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
Use each once in s3_srvr.c to show how they work. Also fix a bug introduced in c3fc7eea and made apparent by this change: ssl3_get_next_proto wasn't updating next_proto_negotiated_len Reviewed-by: NMatt Caswell <matt@openssl.org>
-