Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
大约 1 年 前同步成功

通知 9
Star 18
Fork 1
T
Third Party Openssl

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 18 7月, 2016 5 次提交
    • M
      Try and make the transition tests for CKE message clearer · 0f512756
      Matt Caswell 提交于 
      The logic testing whether a CKE message is allowed or not was a little
difficult to follow. This tries to clean it up.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      0f512756
    • M
      Simplify key_exchange_expected() logic · 7d2c13a7
      Matt Caswell 提交于 
      The static function key_exchange_expected() used to return -1 on error.
Commit 361a1191 changed that so that it can never fail. This means that
some tidy up can be done to simplify error handling in callers of that
function.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      7d2c13a7
    • M
      Make sure we call ssl3_digest_cached_records() when necessary · 149c2ef5
      Matt Caswell 提交于 
      Having received a ClientKeyExchange message instead of a Certificate we
know that we are not going to receive a CertificateVerify message. This
means we can free up the handshake_buffer. However we better call
ssl3_digest_cached_records() instead of just freeing it up, otherwise we
later try and use it anyway and a core dump results. This could happen,
for example, in SSLv3 where we send a CertificateRequest but the client
sends no Certificate message at all. This is valid in SSLv3 (in TLS
clients are required to send an empty Certificate message).

Found using the BoringSSL test suite.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      149c2ef5
    • M
      Fix SSLv3 alert if no Client Ceritifcate sent after a request for one · 672f3337
      Matt Caswell 提交于 
      In TLS if the server sends a CertificateRequest and the client does not
provide one, if the server cannot continue it should send a
HandshakeFailure alert. In SSLv3 the same should happen, but instead we
were sending an UnexpectedMessage alert. This is incorrect - the message
isn't unexpected - it is valid for the client not to send one - its just
that we cannot continue without one.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      672f3337
    • M
      Prepare the client certificate earlier · 05c4f1d5
      Matt Caswell 提交于 
      Move the preparation of the client certificate to be post processing work
after reading the CertificateRequest message rather than pre processing
work prior to writing the Certificate message. As part of preparing the
client certificate we may discover that we do not have one available. If
we are also talking SSLv3 then we won't send the Certificate message at
all. However, if we don't discover this until we are about to send the
Certificate message it is too late and we send an empty one anyway. This
is wrong for SSLv3.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
      05c4f1d5
  3. 17 7月, 2016 1 次提交
  5. 15 7月, 2016 1 次提交
  7. 13 7月, 2016 1 次提交
  9. 12 7月, 2016 1 次提交
    • V
      Perform DANE-EE(3) name checks by default · 5ae4ceb9
      Viktor Dukhovni 提交于 
      In light of potential UKS (unknown key share) attacks on some
applications, primarily browsers, despite RFC761, name checks are
by default applied with DANE-EE(3) TLSA records.  Applications for
which UKS is not a problem can optionally disable DANE-EE(3) name
checks via the new SSL_CTX_dane_set_flags() and friends.
Reviewed-by: NRich Salz <rsalz@openssl.org>
      5ae4ceb9
  11. 09 7月, 2016 1 次提交
  13. 03 7月, 2016 1 次提交
  15. 02 7月, 2016 1 次提交
    • M
      Avoid an overflow in constructing the ServerKeyExchange message · 1e16987f
      Matt Caswell 提交于 
      We calculate the size required for the ServerKeyExchange message and then
call BUF_MEM_grow_clean() on the buffer. However we fail to take account of
2 bytes required for the signature algorithm and 2 bytes for the signature
length, i.e. we could overflow by 4 bytes. In reality this won't happen
because the buffer is pre-allocated to a large size that means it should be
big enough anyway.

Addresses an OCAP Audit issue.
Reviewed-by: NRich Salz <rsalz@openssl.org>
      1e16987f
  17. 29 6月, 2016 2 次提交
  19. 27 6月, 2016 1 次提交
  21. 23 6月, 2016 1 次提交
  23. 22 6月, 2016 2 次提交
  25. 19 6月, 2016 1 次提交
  27. 16 6月, 2016 1 次提交
  29. 15 6月, 2016 1 次提交
    • K
      Initialize the session_id · 947f3156
      Kurt Roeckx 提交于 
      ssl_session_hash() always looks at the first 4 bytes, regardless of the length.
A client can send a session id that's shorter, and the callback could also
generate one that's shorter.  So we make sure that the rest of the buffer is
initliazed to 0 so that we always calculate the same hash.

Found by tis-interpreter, also previously reported as RT #2871
Reviewed-by: NRich Salz <rsalz@openssl.org>

MR: #2911
      947f3156
  31. 14 6月, 2016 3 次提交
  33. 11 6月, 2016 1 次提交
  35. 10 6月, 2016 2 次提交
    • L
      RT3720 Increment session miss counter properly · 4f6eaa59
      Laszlo Kovacs 提交于 
      Reviewed-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
      4f6eaa59
    • T
      Fix session ticket and SNI · 5c753de6
      Todd Short 提交于 
      When session tickets are used, it's possible that SNI might swtich the
SSL_CTX on an SSL. Normally, this is not a problem, because the
initial_ctx/session_ctx are used for all session ticket/id processes.

However, when the SNI callback occurs, it's possible that the callback
may update the options in the SSL from the SSL_CTX, and this could
cause SSL_OP_NO_TICKET to be set. If this occurs, then two bad things
can happen:

1. The session ticket TLSEXT may not be written when the ticket expected
flag is set. The state machine transistions to writing the ticket, and
the client responds with an error as its not expecting a ticket.
2. When creating the session ticket, if the ticket key cb returns 0
the crypto/hmac contexts are not initialized, and the code crashes when
trying to encrypt the session ticket.

To fix 1, if the ticket TLSEXT is not written out, clear the expected
ticket flag.
To fix 2, consider a return of 0 from the ticket key cb a recoverable
error, and write a 0 length ticket and continue. The client-side code
can explicitly handle this case.

Fix these two cases, and add unit test code to validate ticket behavior.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1098)
      5c753de6
  37. 08 6月, 2016 7 次提交
  39. 04 6月, 2016 2 次提交
  41. 01 6月, 2016 2 次提交
  43. 31 5月, 2016 1 次提交
  45. 28 5月, 2016 1 次提交