- 16 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Missed one file in the #ifdef merge; thanks Kurt. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 15 3月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
It created the cert structure in SSL_CTX or SSL if it was NULL, but they can never be NULL as the comments already said. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 12 3月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
If SSL_check_chain is called with a NULL X509 object or a NULL EVP_PKEY or the type of the public key is unrecognised then the local variable |cpk| in tls1_check_chain does not get initialised. Subsequently an attempt is made to deref it (after the "end" label), and a seg fault will result. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Andy Polyakov 提交于
[and respect error return value in ssltest.c] Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 11 3月, 2015 3 次提交
-
-
由 Rich Salz 提交于
Suggested by John Foley <foleyj@cisco.com>. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Cleanse various intermediate buffers used by the PRF. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Emilia Kasper 提交于
Ensure all malloc failures return -1. Reported by Adam Langley (Google). Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 10 3月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Fix security issue where under certain conditions a client can complete a handshake with an unseeded PRNG. The conditions are: - Client is on a platform where the PRNG has not been seeded, and the user has not seeded manually - A protocol specific client method version has been used (i.e. not SSL_client_methodv23) - A ciphersuite is used that does not require additional random data from the PRNG beyond the initial ClientHello client random (e.g. PSK-RC4-SHA) If the handshake succeeds then the client random that has been used will have been generated from a PRNG with insufficient entropy and therefore the output may be predictable. For example using the following command with an unseeded openssl will succeed on an unpatched platform: openssl s_client -psk 1a2b3c4d -tls1_2 -cipher PSK-RC4-SHA CVE-2015-0285 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 09 3月, 2015 2 次提交
-
-
由 David Woodhouse 提交于
Since commit 741c9959 ("DTLS revision."), we put the wrong protocol version into our ClientHello for DTLS1_BAD_VER. The old DTLS code which used ssl->version was replaced by the more generic SSL3 code which uses ssl->client_version. The Cisco ASA no longer likes our ClientHello. RT#3711 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Commit 9cf0f187 in HEAD, and 68039af3 in 1.0.2, removed a version check from dtls1_buffer_message() which was needed to distinguish between DTLS 1.x and Cisco's pre-standard version of DTLS (DTLS1_BAD_VER). Based on an original patch by David Woodhouse <dwmw2@infradead.org> RT#3703 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 05 3月, 2015 2 次提交
-
-
由 Kurt Cancemi 提交于
This patch uses warning/fatal constants instead of numbers with comments for warning/alerts in d1_pkt.c and s3_pkt.c RT#3725 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error paths as I spotted them along the way. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 02 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
These ciphers are removed: TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA TLS1_CK_DHE_DSS_WITH_RC4_128_SHA They were defined in a long-expired IETF internet-draft: draft-ietf-tls-56-bit-ciphersuites-01.txt Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 28 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Some Cisco appliances use a pre-standard version number for DTLS. We support this as DTLS1_BAD_VER within the code. This change fixes d2i_SSL_SESSION for that DTLS version. Based on an original patch by David Woodhouse <dwmw2@infradead.org> RT#3704 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 27 2月, 2015 4 次提交
-
-
由 Matt Caswell 提交于
Added various missing return value checks in tls1_change_cipher_state. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Fixed various missing return value checks in ssl3_send_newsession_ticket. Also a mem leak on error. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
NETSCAPE_HANG_BUG is a workaround for a browser bug from many years ago (2000). It predates DTLS, so certainly has no place in d1_srvr.c. In s3_srvr.c it forces the ServerDone to appear in the same record as the CertificateRequest when doing client auth. BoringSSL have already made the same commit: 79ae85e4f777f94d91b7be19e8a62016cb55b3c5 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
the "-hack" option from s_server that set this option. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 24 2月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 13 2月, 2015 1 次提交
-
-
由 Eric Dequin 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 2月, 2015 4 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
When writing out the hint, if the hint > 0, then we write it out otherwise we skip it. Previously when reading the hint back in, if were expecting to see one (because the ticket length > 0), but it wasn't present then we set the hint to -1, otherwise we set it to 0. This fails to set the hint to the same as when it was written out. The hint should never be negative because the RFC states the hint is unsigned. It is valid for a server to set the hint to 0 (this means the lifetime is unspecified according to the RFC). If the server set it to 0, it should still be 0 when we read it back in. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
SSL_SESSION_get_ticket_lifetime_hint. The latter has been reported as required to fix Qt for OpenSSL 1.1.0. I have also added the former in order to determine whether a ticket is present or not - otherwise it is difficult to know whether a zero lifetime hint is because the server set it to 0, or because there is no ticket. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
From RFC4507: "The ticket_lifetime_hint field contains a hint from the server about how long the ticket should be stored. The value indicates the lifetime in seconds as a 32-bit unsigned integer in network byte order." Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 07 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
There is no mechanism to do that at the moment - SSL_set_bio makes changes to the wbio even if you pass in SSL_get_wbio(). This commit introduces two new API functions SSL_set_rbio() and SSL_set_wbio(). These do the same job as SSL_set_bio() except they enable you to manage the rbio and wbio individually. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 2月, 2015 5 次提交
-
-
由 Rich Salz 提交于
I left many "#if 0" lines, usually because I thought we would probably want to revisit them later, or because they provided some useful internal documentation tips. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
The mkstack.pl script now generates the entire safestack.h file. It generates output that follows the coding style. Also, removed all instances of the obsolete IMPLEMENT_STACK_OF macro. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
This is an ancient bug workaround for Netscape clients. The documentation talks about versions 3.x and 4.x beta. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
A few minor cleanups to remove pre-processor "#if 1" stuff. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 04 2月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 2月, 2015 8 次提交
-
-
由 Dr. Stephen Henson 提交于
Document SSL_get_extms_support(). Modify behaviour of SSL_get_extms_support() so it returns -1 if the master secret support of the peer is not known (e.g. handshake in progress). Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Update master secret calculation to support extended master secret. TLS 1.2 client authentication adds a complication because we need to cache the handshake messages. This is simpllified however because the point at which the handshake hashes are calculated for extended master secret is identical to that required for TLS 1.2 client authentication (immediately after client key exchange which is also immediately before certificate verify). Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Add and retrieve extended master secret extension, setting the flag SSL_SESS_FLAG_EXTMS appropriately. Note: this just sets the flag and doesn't include the changes to master secret generation. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Rewrite ssl3_send_client_key_exchange to retain the premaster secret instead of using it immediately. This is needed because the premaster secret is used after the client key exchange message has been sent to compute the extended master secret. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Retrieve handshake hashes in a separate function. This tidies the existing code and will be used for extended master secret generation. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Add a "flags" field to SSL_SESSION. This will contain various flags such as encrypt-then-mac and extended master secret support. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 01 2月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-