Skip to content
  1. Dec 07, 2015
  2. Dec 03, 2015
  3. Dec 02, 2015
  4. Dec 01, 2015
    • Matt Caswell's avatar
      Remove cookie validation return value trick · 94f98a90
      Matt Caswell authored
      
      
      In the DTLS ClientHello processing the return value is stored in |ret| which
      by default is -1. |ret| is only updated to a positive value once we are past
      all points where we could hit an error. We wish to return 1 on success or 2
      on success *and* we have validated the DTLS cookie. Previously on successful
      validation of the cookie we were setting |ret| to -2, and then once we were
      past all error points we set |ret = -ret|. This is non-obvious behaviour and
      could be error prone. This commit tries to make this a bit more intuitive.
      
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      94f98a90
  5. Nov 30, 2015
  6. Nov 24, 2015
  7. Nov 23, 2015
  8. Nov 22, 2015
  9. Nov 21, 2015
  10. Nov 20, 2015
  11. Nov 19, 2015
  12. Nov 18, 2015
  13. Nov 16, 2015
  14. Nov 13, 2015
  15. Nov 11, 2015
  16. Nov 10, 2015
    • Matt Caswell's avatar
      Stop DTLS servers asking for unsafe legacy renegotiation · d40ec4ab
      Matt Caswell authored
      
      
      If a DTLS client that does not support secure renegotiation connects to an
      OpenSSL DTLS server then, by default, renegotiation is disabled. If a
      server application attempts to initiate a renegotiation then OpenSSL is
      supposed to prevent this. However due to a discrepancy between the TLS and
      DTLS code, the server sends a HelloRequest anyway in DTLS.
      
      This is not a security concern because the handshake will still fail later
      in the process when the client responds with a ClientHello.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      d40ec4ab
    • Matt Caswell's avatar
      Only call ssl3_init_finished_mac once for DTLS · 15a7164e
      Matt Caswell authored
      
      
      In DTLS if an IO retry occurs during writing of a fragmented ClientHello
      then we can end up reseting the finish mac variables on the retry, which
      causes a handshake failure. We should only reset on the first attempt not
      on retries.
      
      Thanks to BoringSSL for reporting this issue.
      
      RT#4119
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      15a7164e
  17. Nov 09, 2015
    • Matt Caswell's avatar
      Remove redundant check from tls1_get_curvelist · 822d265c
      Matt Caswell authored
      
      
      The function tls1_get_curvelist() has an explicit check to see if s->cert
      is NULL or not. However the check appears *after* calling the tls1_suiteb
      macro which derefs s->cert. In reality s->cert can never be NULL because
      it is created in SSL_new(). If the malloc fails then the SSL_new call fails
      and no SSL object is created.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      (cherry picked from commit 6329b609)
      
      Conflicts:
      	ssl/t1_lib.c
      822d265c