Skip to content
  1. Oct 31, 2017
  2. Oct 25, 2017
  3. Oct 07, 2017
  4. Aug 30, 2017
  5. Aug 27, 2017
  6. Aug 15, 2017
  7. Aug 07, 2017
  8. Jul 25, 2017
  9. Jul 03, 2017
  10. Jun 29, 2017
  11. Jun 28, 2017
  12. Jun 27, 2017
    • Richard Levitte's avatar
      util/mkerr.pl: allow module names prefixed with OSSL_ or OPENSSL_ · 4b2799c1
      Richard Levitte authored
      
      
      To make sure that our symbols don't clash with other libraries, we
      claim the namespaces OSSL and OPENSSL.  Because C doesn't provide
      namespaces, the only solution is to have them as prefixes on symbols,
      thus we allow OSSL_ and OPENSSL_ as prefixes.
      
      These namespace prefixes are optional for the foreseeable future, and
      will only be used for new modules as needed on a case by case basis,
      until further notice.
      
      For extra safety, there's an added requirement that module names -
      apart from the namespace prefix - be at least 2 characters long.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/3781)
      4b2799c1
  13. Jun 19, 2017
  14. Jun 16, 2017
  15. Jun 08, 2017
  16. Jun 02, 2017
  17. May 31, 2017
  18. May 25, 2017
  19. May 17, 2017
    • Matt Caswell's avatar
      Don't allow fragmented alerts · bd990e25
      Matt Caswell authored
      
      
      An alert message is 2 bytes long. In theory it is permissible in SSLv3 -
      TLSv1.2 to fragment such alerts across multiple records (some of which
      could be empty). In practice it make no sense to send an empty alert
      record, or to fragment one. TLSv1.3 prohibts this altogether and other
      libraries (BoringSSL, NSS) do not support this at all. Supporting it adds
      significant complexity to the record layer, and its removal is unlikely
      to cause inter-operability issues.
      
      The DTLS code for this never worked anyway and it is not supported at a
      protocol level for DTLS. Similarly fragmented DTLS handshake records only
      work at a protocol level where at least the handshake message header
      exists within the record. DTLS code existed for trying to handle fragmented
      handshake records smaller than this size. This code didn't work either so
      has also been removed.
      
      Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/3476)
      bd990e25
  20. Apr 27, 2017
  21. Apr 20, 2017
  22. Apr 10, 2017
  23. Apr 07, 2017
  24. Mar 30, 2017
  25. Mar 29, 2017
  26. Mar 28, 2017
  27. Mar 15, 2017
  28. Mar 14, 2017
  29. Mar 13, 2017
  30. Mar 02, 2017
  31. Feb 28, 2017
  32. Feb 24, 2017
  33. Feb 16, 2017
  34. Feb 01, 2017
  35. Jan 26, 2017
  36. Nov 28, 2016
    • Emilia Kasper's avatar
      Test mac-then-encrypt · b3618f44
      Emilia Kasper authored
      
      
      Verify that the encrypt-then-mac negotiation is handled
      correctly. Additionally, when compiled with no-asm, this test ensures
      coverage for the constant-time MAC copying code in
      ssl3_cbc_copy_mac. The proxy-based CBC padding test covers that as
      well but it's nevertheless better to have an explicit handshake test
      for mac-then-encrypt.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      b3618f44
  37. Nov 13, 2016
  38. Nov 10, 2016