Skip to content
  1. Oct 28, 2016
    • Matt Caswell's avatar
      A zero return from BIO_read()/BIO_write() could be retryable · 4880672a
      Matt Caswell authored
      
      
      A zero return from BIO_read()/BIO_write() could mean that an IO operation
      is retryable. A zero return from SSL_read()/SSL_write() means that the
      connection has been closed down (either cleanly or not). Therefore we
      should not propagate a zero return value from BIO_read()/BIO_write() back
      up the stack to SSL_read()/SSL_write(). This could result in a retryable
      failure being treated as fatal.
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      4880672a
  2. Oct 26, 2016
  3. Oct 25, 2016
  4. Oct 24, 2016
  5. Oct 22, 2016
  6. Oct 21, 2016
  7. Oct 19, 2016
  8. Oct 18, 2016
  9. Oct 17, 2016
    • David Woodhouse's avatar
      Add SSL_OP_NO_ENCRYPT_THEN_MAC · cde6145b
      David Woodhouse authored
      
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      cde6145b
    • David Woodhouse's avatar
      Fix encrypt-then-mac implementation for DTLS · e23d5071
      David Woodhouse authored
      
      
      OpenSSL 1.1.0 will negotiate EtM on DTLS but will then not actually *do* it.
      
      If we use DTLSv1.2 that will hopefully be harmless since we'll tend to use
      an AEAD ciphersuite anyway. But if we're using DTLSv1, then we certainly
      will end up using CBC, so EtM is relevant — and we fail to interoperate with
      anything that implements EtM correctly.
      
      Fixing it in HEAD and 1.1.0c will mean that 1.1.0[ab] are incompatible with
      1.1.0c+... for the limited case of non-AEAD ciphers, where they're *already*
      incompatible with other implementations due to this bug anyway. That seems
      reasonable enough, so let's do it. The only alternative is just to turn it
      off for ever... which *still* leaves 1.0.0[ab] failing to communicate with
      non-OpenSSL implementations anyway.
      
      Tested against itself as well as against GnuTLS both with and without EtM.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      e23d5071