Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
732d31be
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
732d31be
编写于
11月 16, 2010
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
bring HEAD up to date, add CVE-2010-3864 fix, update NEWS files
上级
f7d2f17a
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
67 addition
and
20 deletion
+67
-20
CHANGES
CHANGES
+8
-0
NEWS
NEWS
+6
-0
STATUS
STATUS
+11
-2
ssl/t1_lib.c
ssl/t1_lib.c
+42
-18
未找到文件。
CHANGES
浏览文件 @
732d31be
...
...
@@ -161,6 +161,10 @@
Changes between 1.0.0a and 1.0.0b [xx XXX xxxx]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
be shared by multiple threads. CVE-2010-3864
*) Fix WIN32 build system to correctly link an ENGINE directory into
a DLL.
[Steve Henson]
...
...
@@ -1014,6 +1018,10 @@
Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
be shared by multiple threads. CVE-2010-3864
*) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
[Steve Henson]
...
...
NEWS
浏览文件 @
732d31be
...
...
@@ -5,6 +5,12 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b:
o Fix for security issue CVE-2010-3864.
o Fix for CVE-2010-2939
o Fix WIN32 build system for GOST ENGINE.
Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
o Fix for security issue CVE-2010-1633.
...
...
STATUS
浏览文件 @
732d31be
OpenSSL STATUS Last modified at
______________ $Date: 20
09/04/03 11:45:14
$
______________ $Date: 20
10/11/16 14:18:51
$
DEVELOPMENT STATE
o OpenSSL 1.0.0-beta1: Released on April 1st, 2009
o OpenSSL 1.1.0: Under development...
o OpenSSL 1.0.0b: Released on November 16th, 2010
o OpenSSL 1.0.0a: Released on June 1st, 2010
o OpenSSL 1.0.0: Released on March 29th, 2010
o OpenSSL 0.9.8n: Released on March 24th, 2010
o OpenSSL 0.9.8m: Released on February 25th, 2010
o OpenSSL 0.9.8l: Released on November 5th, 2009
o OpenSSL 0.9.8k: Released on March 25th, 2009
o OpenSSL 0.9.8j: Released on January 7th, 2009
o OpenSSL 0.9.8i: Released on September 15th, 2008
o OpenSSL 0.9.8h: Released on May 28th, 2008
o OpenSSL 0.9.8g: Released on October 19th, 2007
o OpenSSL 0.9.8f: Released on October 11th, 2007
...
...
ssl/t1_lib.c
浏览文件 @
732d31be
...
...
@@ -751,14 +751,23 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
switch
(
servname_type
)
{
case
TLSEXT_NAMETYPE_host_name
:
if
(
s
->
session
->
tlsext_hostname
==
NULL
)
if
(
!
s
->
hit
)
{
if
(
len
>
TLSEXT_MAXLEN_host_name
||
((
s
->
session
->
tlsext_hostname
=
OPENSSL_malloc
(
len
+
1
))
==
NULL
))
if
(
s
->
session
->
tlsext_hostname
)
{
*
al
=
SSL_AD_DECODE_ERROR
;
return
0
;
}
if
(
len
>
TLSEXT_MAXLEN_host_name
)
{
*
al
=
TLS1_AD_UNRECOGNIZED_NAME
;
return
0
;
}
if
((
s
->
session
->
tlsext_hostname
=
OPENSSL_malloc
(
len
+
1
))
==
NULL
)
{
*
al
=
TLS1_AD_INTERNAL_ERROR
;
return
0
;
}
memcpy
(
s
->
session
->
tlsext_hostname
,
sdata
,
len
);
s
->
session
->
tlsext_hostname
[
len
]
=
'\0'
;
if
(
strlen
(
s
->
session
->
tlsext_hostname
)
!=
len
)
{
...
...
@@ -771,7 +780,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
}
else
s
->
servername_done
=
strlen
(
s
->
session
->
tlsext_hostname
)
==
len
s
->
servername_done
=
s
->
session
->
tlsext_hostname
&&
strlen
(
s
->
session
->
tlsext_hostname
)
==
len
&&
strncmp
(
s
->
session
->
tlsext_hostname
,
(
char
*
)
sdata
,
len
)
==
0
;
break
;
...
...
@@ -802,15 +812,22 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
*
al
=
TLS1_AD_DECODE_ERROR
;
return
0
;
}
s
->
session
->
tlsext_ecpointformatlist_length
=
0
;
if
(
s
->
session
->
tlsext_ecpointformatlist
!=
NULL
)
OPENSSL_free
(
s
->
session
->
tlsext_ecpointformatlist
);
if
((
s
->
session
->
tlsext_ecpointformatlist
=
OPENSSL_malloc
(
ecpointformatlist_length
))
==
NULL
)
if
(
!
s
->
hit
)
{
*
al
=
TLS1_AD_INTERNAL_ERROR
;
return
0
;
if
(
s
->
session
->
tlsext_ecpointformatlist
)
{
*
al
=
TLS1_AD_DECODE_ERROR
;
return
0
;
}
s
->
session
->
tlsext_ecpointformatlist_length
=
0
;
if
((
s
->
session
->
tlsext_ecpointformatlist
=
OPENSSL_malloc
(
ecpointformatlist_length
))
==
NULL
)
{
*
al
=
TLS1_AD_INTERNAL_ERROR
;
return
0
;
}
s
->
session
->
tlsext_ecpointformatlist_length
=
ecpointformatlist_length
;
memcpy
(
s
->
session
->
tlsext_ecpointformatlist
,
sdata
,
ecpointformatlist_length
);
}
s
->
session
->
tlsext_ecpointformatlist_length
=
ecpointformatlist_length
;
memcpy
(
s
->
session
->
tlsext_ecpointformatlist
,
sdata
,
ecpointformatlist_length
);
#if 0
fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ", s->session->tlsext_ecpointformatlist_length);
sdata = s->session->tlsext_ecpointformatlist;
...
...
@@ -831,15 +848,22 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
*
al
=
TLS1_AD_DECODE_ERROR
;
return
0
;
}
s
->
session
->
tlsext_ellipticcurvelist_length
=
0
;
if
(
s
->
session
->
tlsext_ellipticcurvelist
!=
NULL
)
OPENSSL_free
(
s
->
session
->
tlsext_ellipticcurvelist
);
if
((
s
->
session
->
tlsext_ellipticcurvelist
=
OPENSSL_malloc
(
ellipticcurvelist_length
))
==
NULL
)
if
(
!
s
->
hit
)
{
*
al
=
TLS1_AD_INTERNAL_ERROR
;
return
0
;
if
(
s
->
session
->
tlsext_ellipticcurvelist
)
{
*
al
=
TLS1_AD_DECODE_ERROR
;
return
0
;
}
s
->
session
->
tlsext_ellipticcurvelist_length
=
0
;
if
((
s
->
session
->
tlsext_ellipticcurvelist
=
OPENSSL_malloc
(
ellipticcurvelist_length
))
==
NULL
)
{
*
al
=
TLS1_AD_INTERNAL_ERROR
;
return
0
;
}
s
->
session
->
tlsext_ellipticcurvelist_length
=
ellipticcurvelist_length
;
memcpy
(
s
->
session
->
tlsext_ellipticcurvelist
,
sdata
,
ellipticcurvelist_length
);
}
s
->
session
->
tlsext_ellipticcurvelist_length
=
ellipticcurvelist_length
;
memcpy
(
s
->
session
->
tlsext_ellipticcurvelist
,
sdata
,
ellipticcurvelist_length
);
#if 0
fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ", s->session->tlsext_ellipticcurvelist_length);
sdata = s->session->tlsext_ellipticcurvelist;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录