Skip to content
  1. Jun 03, 2019
    • Matt Caswell's avatar
      Defer sending a KeyUpdate until after pending writes are complete · 6c2f347c
      Matt Caswell authored
      
      
      If we receive a KeyUpdate message (update requested) from the peer while
      we are in the middle of a write, we should defer sending the responding
      KeyUpdate message until after the current write is complete. We do this
      by waiting to send the KeyUpdate until the next time we write and there is
      no pending write data.
      
      This does imply a subtle change in behaviour. Firstly the responding
      KeyUpdate message won't be sent straight away as it is now. Secondly if
      the peer sends multiple KeyUpdates without us doing any writing then we
      will only send one response, as opposed to previously where we sent a
      response for each KeyUpdate received.
      
      Fixes #8677
      
      Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
      (Merged from https://github.com/openssl/openssl/pull/8773)
      
      (cherry picked from commit feb9e31c40c49de6384dd0413685e9b5a15adc99)
      6c2f347c
    • Shane Lontis's avatar
      Add the content type attribute to additional CMS signerinfo. · d63d841f
      Shane Lontis authored
      
      
      Fixes #8923
      
      Found using the openssl cms -resign option.
      This uses an alternate path to do the signing which was not adding the required signed attribute
      content type. The content type attribute should always exist since it is required is there are
      any signed attributes.
      As the signing time attribute is always added in code, the content type attribute is also required.
      The CMS_si_check_attributes() method adds validity checks for signed and unsigned attributes
      e.g. The message digest attribute is a signed attribute that must exist if any signed attributes
      exist, it cannot be an unsigned attribute and there must only be one instance containing a single
      value.
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/8944)
      
      (cherry picked from commit 19e512a8244a6f527d0194339a8f9fc45468537a)
      d63d841f
  2. May 31, 2019
  3. May 30, 2019
  4. May 29, 2019
  5. May 28, 2019
  6. May 27, 2019
  7. May 26, 2019
  8. May 24, 2019
  9. May 23, 2019
  10. May 22, 2019
  11. May 21, 2019
  12. May 20, 2019
  13. May 16, 2019
  14. May 09, 2019
  15. May 08, 2019
  16. May 07, 2019