Skip to content
  1. Oct 15, 2014
  2. Oct 10, 2014
    • Dr. Stephen Henson's avatar
      Preserve digests for SNI. · 4e05aedb
      Dr. Stephen Henson authored
      
      
      SSL_set_SSL_CTX is normally called for SNI after ClientHello has
      received and the digest to use for each certificate has been decided.
      The original ssl->cert contains the negotiated digests and is now
      copied to the new ssl->cert.
      
      PR: 3560
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      4e05aedb
  3. Oct 06, 2014
  4. Sep 29, 2014
    • Dr. Stephen Henson's avatar
      Add additional DigestInfo checks. · 55614f89
      Dr. Stephen Henson authored
      
      
      Reencode DigestInto in DER and check against the original: this
      will reject any improperly encoded DigestInfo structures.
      
      Note: this is a precautionary measure, there is no known attack
      which can exploit this.
      
      Thanks to Brian Smith for reporting this issue.
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      55614f89
  5. Sep 25, 2014
  6. Sep 24, 2014
  7. Sep 21, 2014
  8. Sep 10, 2014
  9. Sep 08, 2014
  10. Sep 05, 2014
    • Adam Langley's avatar
      psk_client_callback, 128-byte id bug. · 13ce52be
      Adam Langley authored
      
      
      Fix a bug in handling of 128 byte long PSK identity in
      psk_client_callback.
      
      OpenSSL supports PSK identities of up to (and including) 128 bytes in
      length. PSK identity is obtained via the psk_client_callback,
      implementors of which are expected to provide a NULL-terminated
      identity. However, the callback is invoked with only 128 bytes of
      storage thus making it impossible to return a 128 byte long identity and
      the required additional NULL byte.
      
      This CL fixes the issue by passing in a 129 byte long buffer into the
      psk_client_callback. As a safety precaution, this CL also zeroes out the
      buffer before passing it into the callback, uses strnlen for obtaining
      the length of the identity returned by the callback, and aborts the
      handshake if the identity (without the NULL terminator) is longer than
      128 bytes.
      
      (Original patch amended to achieve strnlen in a different way.)
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      (cherry picked from commit be0d8517)
      13ce52be
  11. Sep 04, 2014
  12. Sep 03, 2014
  13. Sep 02, 2014
  14. Aug 30, 2014
  15. Aug 29, 2014