- 02 Dec, 2014 1 commit
-
-
Kurt Roeckx authored
If SSLv2 and SSLv3 are both disabled we still support SSL/TLS. Reviewed-by:Richard Levitte <levitte@openssl.org>
-
- 28 Nov, 2014 4 commits
-
-
Richard Levitte authored
Reviewed-by:Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Previously, state variant was not advanced, which resulted in state being stuck in the st1 variant (usually "_A"). This broke certificate callback retry logic when accepting connections that were using SSLv2 ClientHello (hence reusing the message), because their state never advanced to SSL3_ST_SR_CLNT_HELLO_C variant required for the retry code path. Reported by Yichun Zhang (agentzh). Signed-off-by:
Piotr Sikora <piotr@cloudflare.com> Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Alok Menghrajani authored
The current documentation contains a bunch of spelling and grammar mistakes. I also found it hard to understand some paragraphs, so here is my attempt to improve its readability. Reviewed-by:
-
- 27 Nov, 2014 12 commits
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
PR#1767 Reviewed-by: -
Matt Caswell authored
PR#3613 Reviewed-by:
-
Matt Caswell authored
Reviewed-by:Dr. Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by:
-
André Guerreiro authored
PR#3612 Reviewed-by:
-
Guenter authored
Workaround for NetWare CodeWarrior compiler which doesn't properly lookup includes when in same directory as the C file which includes it. PR#3569 Reviewed-by:
-
Matt Caswell authored
Minor changes made by Matt Caswell Reviewed-by:
-
Matt Caswell authored
Minor changes made by Matt Caswell. Reviewed-by:
-
Matt Caswell authored
Minor changes made by Matt Caswell. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
- 26 Nov, 2014 1 commit
-
-
Matt Caswell authored
PR#3608 Reviewed-by:
Tim Hudson <tjh@openssl.org> (cherry picked from commit 8a35dbb6)
-
- 25 Nov, 2014 1 commit
-
-
Matt Caswell authored
PR#3574 Reviewed-by:
-
- 20 Nov, 2014 6 commits
-
-
David Benjamin authored
the session's version (server). See also BoringSSL's commit bdf5e72f50e25f0e45e825c156168766d8442dde. Reviewed-by:
-
Emilia Kasper authored
once the ChangeCipherSpec message is received. Previously, the server would set the flag once at SSL3_ST_SR_CERT_VRFY and again at SSL3_ST_SR_FINISHED. This would allow a second CCS to arrive and would corrupt the server state. (Because the first CCS would latch the correct keys and subsequent CCS messages would have to be encrypted, a MitM attacker cannot exploit this, though.) Thanks to Joeri de Ruiter for reporting this issue. Reviewed-by:
-
Emilia Kasper authored
The server must send a NewSessionTicket message if it advertised one in the ServerHello, so make a missing ticket message an alert in the client. An equivalent change was independently made in BoringSSL, see commit 6444287806d801b9a45baf1f6f02a0e3a16e144c. Reviewed-by:
-
Emilia Kasper authored
The client sends a session ID with the session ticket, and uses the returned ID to detect resumption, so we do not need to peek at handshake messages: s->hit tells us explicitly if we're resuming. An equivalent change was independently made in BoringSSL, see commit 407886f589cf2dbaed82db0a44173036c3bc3317. Reviewed-by:
-
Emilia Kasper authored
The same change was independently made in BoringSSL, see commit 9eaeef81fa2d4fd6246dc02b6203fa936a5eaf67 Reviewed-by:
-
Emilia Kasper authored
This ensures that it's zeroed even if the SSL object is reused (as in ssltest.c). It also ensures that it applies to DTLS, too. Reviewed-by:
-
- 19 Nov, 2014 1 commit
-
-
Dr. Stephen Henson authored
When no-ssl3 is set only make SSLv3 disabled by default. Retain -ssl3 options for s_client/s_server/ssltest. When no-ssl3-method is set SSLv3_*method() is removed and all -ssl3 options. We should document this somewhere, e.g. wiki, FAQ or manual page. Reviewed-by:
Emilia Käsper <emilia@openssl.org> (cherry picked from commit 3881d810) Conflicts: util/mkdef.pl
-
- 18 Nov, 2014 1 commit
-
-
Matt Caswell authored
Reviewed-by:
-
- 17 Nov, 2014 1 commit
-
-
Jan Hykel authored
Don't attempt to access msg structure if recvmsg returns an error. PR#3483 Reviewed-by:
-
- 13 Nov, 2014 1 commit
-
-
Dr. Stephen Henson authored
If the hash or public key algorithm is "undef" the signature type will receive special handling and shouldn't be included in the cross reference table. Reviewed-by:
-
- 12 Nov, 2014 3 commits
-
-
Alok Menghrajani authored
Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl is just an int*. Reviewed-by:
-
Michal Bozon authored
PR#3535 Reviewed-by: -
Matt Caswell authored
Reviewed-by:
-
- 11 Nov, 2014 1 commit
-
-
Kurt Roeckx authored
Reviewed-by:
-
- 10 Nov, 2014 1 commit
-
-
Russell Coker authored
This doesn't really fix the datarace but changes it so it can only happens once. This isn't really a problem since we always just set it to the same value. We now just stop writing it after the first time. PR3584, https://bugs.debian.org/534534 Signed-off-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
Rich Salz <rsalz@openssl.org>
-
- 29 Oct, 2014 1 commit
-
-
Andy Polyakov authored
Reviewed-by:
-
- 28 Oct, 2014 2 commits
-
-
Samuel Neves authored
Signed-off-by:
-
Emilia Kasper authored
Tighten client-side session ticket handling during renegotiation: ensure that the client only accepts a session ticket if the server sends the extension anew in the ServerHello. Previously, a TLS client would reuse the old extension state and thus accept a session ticket if one was announced in the initial ServerHello. Reviewed-by:
Bodo Moeller <bodo@openssl.org> (cherry picked from commit d663df23) Conflicts: CHANGES
-
- 27 Oct, 2014 1 commit
-
-
Emilia Kasper authored
Reviewed-by:
Geoff Thorpe <geoff@openssl.org> (cherry picked from commit fd28a41e) Conflicts: ssl/ssltest.c
-
- 21 Oct, 2014 2 commits
-
-
Bodo Moeller authored
Reviewed-by: -
Bodo Moeller authored
listed after TLS_FALLBACK_SCSV. RT: 3575 Reviewed-by:
-
