- 11 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 5月, 2015 3 次提交
-
-
由 Rich Salz 提交于
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr) for memset and memcpy. Remove needless casts for those functions. For memset, replace alternative forms of zero with 0. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Ensure all fatal errors transition into the new error state on the server side. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Reusing an SSL object when it has encountered a fatal error can have bad consequences. This is a bug in application code not libssl but libssl should be more forgiving and not crash. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 5月, 2015 1 次提交
-
-
由 mancha security 提交于
Incorrect name used for SSL_AD_INTERNAL_ERROR. Signed-off-by: Nmancha security <mancha1@zoho.com> Signed-off-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
After the finale, the "real" final part. :) Do a recursive grep with "-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are an "if NULL" check that can be removed. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Rich Salz 提交于
There were a dozen-plus instances of this construct: if (0) { label: ..... } Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Don't check for NULL before calling a free routine. This gets X509_.*free: x509_name_ex_free X509_policy_tree_free X509_VERIFY_PARAM_free X509_STORE_free X509_STORE_CTX_free X509_PKEY_free X509_OBJECT_free_contents X509_LOOKUP_free X509_INFO_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 18 4月, 2015 1 次提交
-
-
由 Emilia Kasper 提交于
A 0-length ciphers list is never permitted. The old code only used to reject an empty ciphers list for connections with a session ID. It would later error out on a NULL structure, so this change just moves the alert closer to the problem source. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 17 4月, 2015 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 14 4月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
The ClientHello processing is insufficiently rigorous in its checks to make sure that we don't read past the end of the message. This does not have security implications due to the size of the underlying buffer - but still needs to be fixed. With thanks to Qinghao Tang for reporting this issue. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 28 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
EVP_.*free; this gets: EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 26 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This gets EC_GROUP_clear_free EC_GROUP_free, EC_KEY_free, EC_POINT_clear_free, EC_POINT_free Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 25 3月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Ensure RAND_bytes return value is checked correctly, and that we no longer use RAND_pseudo_bytes. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
In ssl3_send_new_session_ticket the message to be sent is constructed. We skip adding the length of the session ticket initially, then call ssl_set_handshake_header, and finally go back and add in the length of the ticket. Unfortunately, in DTLS, ssl_set_handshake_header also has the side effect of buffering the message for subsequent retransmission if required. By adding the ticket length after the call to ssl_set_handshake_header the message that is buffered is incomplete, causing an invalid message to be sent on retransmission. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 24 3月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
Also removes for it being NULL Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 23 3月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
Change ssl_set_handshake_header from return void to returning int, and handle error return code appropriately. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Ensure that all functions have their return values checked where appropriate. This covers all functions defined and called from within libssl. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 19 3月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
If client auth is used then a server can seg fault in the event of a DHE cipher being used and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. CVE-2015-1787 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 16 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Missed one file in the #ifdef merge; thanks Kurt. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 11 3月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Suggested by John Foley <foleyj@cisco.com>. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 27 2月, 2015 3 次提交
-
-
由 Matt Caswell 提交于
Fixed various missing return value checks in ssl3_send_newsession_ticket. Also a mem leak on error. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
NETSCAPE_HANG_BUG is a workaround for a browser bug from many years ago (2000). It predates DTLS, so certainly has no place in d1_srvr.c. In s3_srvr.c it forces the ServerDone to appear in the same record as the CertificateRequest when doing client auth. BoringSSL have already made the same commit: 79ae85e4f777f94d91b7be19e8a62016cb55b3c5 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
the "-hack" option from s_server that set this option. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 06 2月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
This is an ancient bug workaround for Netscape clients. The documentation talks about versions 3.x and 4.x beta. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 03 2月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Update master secret calculation to support extended master secret. TLS 1.2 client authentication adds a complication because we need to cache the handshake messages. This is simpllified however because the point at which the handshake hashes are calculated for extended master secret is identical to that required for TLS 1.2 client authentication (immediately after client key exchange which is also immediately before certificate verify). Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 28 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Remove support for SHA0 and DSS0 (they were broken), and remove the ability to attempt to build without SHA (it didn't work). For simplicity, remove the option of not building various SHA algorithms; you could argue that SHA_224/256/384/512 should be kept, since they're like crypto algorithms, but I decided to go the other way. So these options are gone: GENUINE_DSA OPENSSL_NO_SHA0 OPENSSL_NO_SHA OPENSSL_NO_SHA1 OPENSSL_NO_SHA224 OPENSSL_NO_SHA256 OPENSSL_NO_SHA384 OPENSSL_NO_SHA512 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 1月, 2015 5 次提交
-
-
由 Matt Caswell 提交于
This should be a one off operation (subsequent invokation of the script should not move them) Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Conflicts: demos/tunala/tunala.h engines/e_padlock.c ssl/s2_clnt.c ssl/s2_lib.c ssl/s2_srvr.c ssl/s3_srvr.c Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 08 1月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Fix to prevent use of DH client certificates without sending certificate verify message. If we've used a client certificate to generate the premaster secret ssl3_get_client_key_exchange returns 2 and ssl3_get_cert_verify is never called. We can only skip the certificate verify message in ssl3_get_cert_verify if the client didn't send a certificate. Thanks to Karthikeyan Bhargavan for reporting this issue. CVE-2015-0205 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 06 1月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
OpenSSL clients would tolerate temporary RSA keys in non-export ciphersuites. It also had an option SSL_OP_EPHEMERAL_RSA which enabled this server side. Remove both options as they are a protocol violation. Thanks to Karthikeyan Bhargavan for reporting this issue. (CVE-2015-0204) Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 03 1月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
MS Server gated cryptography is obsolete and dates from the time of export restrictions on strong encryption and is only used by ancient versions of MSIE. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 31 12月, 2014 1 次提交
-
-
由 Tim Hudson 提交于
indent will not alter them when reformatting comments Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 17 12月, 2014 2 次提交
-
-
由 Adam Langley 提交于
From BoringSSL - Send an alert when the client key exchange isn't correctly formatted. - Reject overly short RSA ciphertexts to avoid a (benign) out-of-bounds memory access. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-