Skip to content
  1. Mar 25, 2015
    • Matt Caswell's avatar
      Fix misc NULL derefs in sureware engine · 7b611e5f
      Matt Caswell authored
      
      
      Fix miscellaneous NULL pointer derefs in the sureware engine.
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      7b611e5f
    • Matt Caswell's avatar
      Add ticket length before buffering DTLS message · 4f9fab6b
      Matt Caswell authored
      
      
      In ssl3_send_new_session_ticket the message to be sent is constructed. We
      skip adding the length of the session ticket initially, then call
      ssl_set_handshake_header, and finally go back and add in the length of the
      ticket. Unfortunately, in DTLS, ssl_set_handshake_header also has the side
      effect of buffering the message for subsequent retransmission if required.
      By adding the ticket length after the call to ssl_set_handshake_header the
      message that is buffered is incomplete, causing an invalid message to be
      sent on retransmission.
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      4f9fab6b
    • Matt Caswell's avatar
      Ensure last_write_sequence is saved in DTLS1.2 · d5d0a1cb
      Matt Caswell authored
      
      
      In DTLS, immediately prior to epoch change, the write_sequence is supposed
      to be stored in s->d1->last_write_sequence. The write_sequence is then reset
      back to 00000000. In the event of retransmits of records from the previous
      epoch, the last_write_sequence is restored. This commit fixes a bug in
      DTLS1.2 where the write_sequence was being reset before last_write_sequence
      was saved, and therefore retransmits are sent with incorrect sequence
      numbers.
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      d5d0a1cb
    • Rich Salz's avatar
      free NULL cleanup · d6407083
      Rich Salz authored
      
      
      Start ensuring all OpenSSL "free" routines allow NULL, and remove
      any if check before calling them.
      This gets DH_free, DSA_free, RSA_free
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      d6407083
  2. Mar 24, 2015
  3. Mar 23, 2015
  4. Mar 21, 2015