- 02 7月, 2018 3 次提交
-
-
由 Matt Caswell 提交于
Fixes #6389 Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6469)
-
由 Matt Caswell 提交于
Fixes #6574 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6593)
-
由 Benjamin Kaduk 提交于
We need to check the provided SSL_SESSION* for NULL before attempting to derference it to see if it's a TLS 1.3 session. Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6622)
-
- 29 6月, 2018 1 次提交
-
-
由 Pauli 提交于
In ssl/t1_lib.c. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6613)
-
- 27 6月, 2018 6 次提交
-
-
由 Matt Caswell 提交于
Currently if you encounter application data while waiting for a close_notify from the peer, and you have called SSL_shutdown() then you will get a -1 return (fatal error) and SSL_ERROR_SYSCALL from SSL_get_error(). This isn't accurate (it should be SSL_ERROR_SSL) and isn't persistent (you can call SSL_shutdown() again and it might then work). We change this into a proper fatal error that is persistent. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6340)
-
由 Matt Caswell 提交于
In the case where we are shutdown for writing and awaiting a close_notify back from a subsequent SSL_shutdown() call we skip over handshake data that is received. This should not be treated as an error - instead it should be signalled with SSL_ERROR_WANT_READ. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6340)
-
由 Matt Caswell 提交于
If we've sent a close_notify and we're waiting for one back we drop incoming records until we see the close_notify we're looking for. If SSL_MODE_AUTO_RETRY is on, then we should immediately try and read the next record. Fixes #6262 Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6340)
-
由 Matt Caswell 提交于
During anti-replay we cache the ticket anyway, so there is no point in using a full stateless ticket. Fixes #6391 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6563)
-
由 Matt Caswell 提交于
Implement support for stateful TLSv1.3 tickets, and use them if SSL_OP_NO_TICKET is set. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6563)
-
由 Matt Caswell 提交于
Separate out as a new function the code to write out data which is specific to a stateless ticket. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6563)
-
- 26 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Make SSL_SESSION_print() show a bit more information for TLSv1.3 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6590)
-
- 25 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Sessions should be immutable once they are in the cache because they could be shared with other threads. If you change them then this can cause corruptions and races Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6561)
-
- 22 6月, 2018 1 次提交
-
-
由 Nicola Tuveri 提交于
These headers are internal and never exposed to a cpp compiler, hence no need for the preamble. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/6554)
-
- 21 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
An alpn_selected value containing NUL bytes in it will result in ext.alpn_selected_len having a larger value than the number of bytes allocated in ext.alpn_selected. Issue found by OSS-fuzz. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6507)
-
- 20 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Commit 4aa5a566 accidentally missed off the catch all case of ignoring all warning alerts that are otherwise unhandled. This breaks the SSLv3 tests which send a "no certificate" warning alert. Fixes #6496 [extended tests] Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/6509)
-
- 11 6月, 2018 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6370)
-
由 Matt Caswell 提交于
TLSv1.3 ignores the alert level, so we should suppress sending of warning only alerts. Fixes #6211 Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6370)
-
由 Matt Caswell 提交于
In TLSv1.3 we should ignore the severity level of an alert according to the spec. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6370)
-
- 07 6月, 2018 5 次提交
-
-
由 Marcus Huewe 提交于
If the remove_session_cb accesses the session's data (for instance, via SSL_SESSION_get_protocol_version), a potential use after free can occur. For this, consider the following scenario when adding a new session via SSL_CTX_add_session: - The session cache is full (SSL_CTX_sess_number(ctx) > SSL_CTX_sess_get_cache_size(ctx)) - Only the session cache has a reference to ctx->session_cache_tail (that is, ctx->session_cache_tail->references == 1) Since the cache is full, remove_session_lock is called to remove ctx->session_cache_tail from the cache. That is, it SSL_SESSION_free()s the session, which free()s the data. Afterwards, the free()d session is passed to the remove_session_cb. If the callback accesses the session's data, we have a use after free. The free before calling the callback behavior was introduced in commit e4612d02 ("Remove sessions from external cache, even if internal cache not used."). CLA: trivial Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6222)
-
由 Matt Caswell 提交于
Improves readability Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6415)
-
由 Matt Caswell 提交于
We generate the secrets based on the nonce immediately so there is no need to keep the nonce. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6415)
-
由 Matt Caswell 提交于
All tickets on a connection need to have a unique nonce. When this was originally implemented we only ever sent one ticket on the conneciton so this didn't matter. We were just using the value 0. Now we can get multiple tickets to we need to start doing the ticket nonce properly. Fixes #6387 Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6415)
-
由 Matt Caswell 提交于
Commit 61fb5923 broke EAP-FAST support. This fixes it. Fixes #6395 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6428)
-
- 31 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Fix some instances where we weren't checking the error return. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6373)
-
- 30 5月, 2018 2 次提交
-
-
由 Dmitry Belyavskiy 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6168)
-
由 Dmitry Belyavskiy 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6168)
-
- 29 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6371)
-
- 25 5月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6353)
-
- 23 5月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
The TLSv1.3 spec requires us to use the client application traffic secret during generation of the Finished message following a post handshake authentication. Fixes #6263 Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/6297)
-
由 Kurt Roeckx 提交于
Because TLS 1.3 sends more non-application data records some clients run into problems because they don't expect SSL_read() to return and set SSL_ERROR_WANT_READ after processing it. This can cause problems for clients that use blocking I/O and use select() to see if data is available. It can be cleared using SSL_CTX_clear_mode(). Reviewed-by: NMatt Caswell <matt@openssl.org> GH: #6260
-
- 22 5月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6321)
-
由 Tilman Keskinöz 提交于
NULL-check for cipher is redundant, instead check if cipher->name is NULL While here fix formatting of BIO_printf calls as suggested by Andy Polyakov. CLA: trivial Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6282)
-
- 21 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
In TLSv1.2 and below we always cache new sessions by default on the server side in the internal cache (even when we're using session tickets). This is in order to support resumption from a session id. In TLSv1.3 there is no session id. It is only possible to resume using the ticket. Therefore, in the default case, there is no point in caching the session in the internal store. There is still a reason to call the external cache new session callback because applications may be using the callbacks just to know about when sessions are created (and not necessarily implementing a full cache). If the application also implements the remove session callback then we are forced to also store it in the internal cache so that we can create timeout events. Otherwise the external cache could just fill up indefinitely. This mostly addresses the issue described in #5628. That issue also proposes having an option to not create full stateless tickets when using the internal cache. That aspect hasn't been addressed yet. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/6293)
-
- 17 5月, 2018 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
-
由 Matt Caswell 提交于
Also allows the apps to set it. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
-
由 Matt Caswell 提交于
We send a session ticket automatically in TLSv1.3 at the end of the handshake. This commit provides the ability to set how many tickets should be sent. By default this is one. Fixes #4978 Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
-
- 15 5月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
Also retains support for drafts 27 and 26 Fixes #6257 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6258)
-
由 Matt Caswell 提交于
Fixes #6239 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6253)
-
- 12 5月, 2018 2 次提交
-
-
由 Kurt Roeckx 提交于
Found by OSS-fuzz Bug introduced in commit 61fb5923Reviewed-by: NMatt Caswell <matt@openssl.org> GH: #6235
-
由 Matt Caswell 提交于
In DTLS if we have buffered a fragment for a zero length message (e.g. ServerHelloDone) then, when we unbuffered the fragment, we were attempting to memcpy the contents of the fragment which is zero length and a NULL pointer. This is undefined behaviour. We should check first whether we have a zero length fragment. Fixes a travis issue. [extended tests] Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6223)
-