- Nov 10, 2016
-
-
Andy Polyakov authored
This is done by taking one vector, "corrupting" last bit of the tag value and verifying that decrypt fails. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Don't set choice selector on parse failure: this can pass unexpected values to the choice callback. Instead free up partial structure directly. CVE-2016-7053 Thanks to Tyler Nighswander of ForAllSecure for reporting this issue. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
The offset to the memory to clear was incorrect, causing a heap buffer overflow. CVE-2016-7054 Thanks to Robert Święcki for reporting this Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Some of stone-age assembler can't cope with r0 in address. It's actually sensible thing to do, because r0 is shunted to 0 in address arithmetic and by refusing r0 assembler effectively makes you understand that. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Skip the test if the value after ":" is a disabled algorithm, rather than failing it Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Nov 09, 2016
-
-
Matt Caswell authored
Added some TODOs, refactored a couple of things and added a SSL_IS_TLS13() macro. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
No need to have a supported versions table and a versions table. They should be the same. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
There were a few places where we weren't checking to see if we were using the draft TLS1.3 version or not. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Renegotiation does not exist in TLS1.3, so we need to disable it at some point. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Send a TLS1.4 ClientHello with supported_versions and get TLS1.3 Send a TLS1.3 ClientHello without supported_versions and get TLS1.2 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Replace a bare ";" with "continue;" for the body of a for loop. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
If supported_versions is present it takes precedence. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
We can end up with a NULL SSL_METHOD function if a method has been disabled. If that happens then we shouldn't call vent->smeth(). Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
EasySec authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1859)
-
Emilia Kasper authored
Simple tests only need to implement register_tests(). Tests that need a custom main() should implement test_main(). This will be wrapped in a main() that performs common setup/teardown (currently crypto-mdebug). Note that for normal development, enable-asan is usually sufficient for detecting leaks, and more versatile. enable-crypto-mdebug is stricter as it will also insist that all static variables be freed. This is useful for debugging library init/deinit; however, it also means that test_main() must free everything it allocates. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
EasySec authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Fixes a travis failure Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Nothing is using this yet, it just adds the underlying functions necesary for generating the TLS1.3 secrets. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Normally WPACKETs will use a BUF_MEM which can grow as required. Sometimes though that may be overkill for what is needed - a static buffer may be sufficient. This adds that capability. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
At the moment you can only do an HKDF Extract and Expand in one go. For TLS1.3 we need to be able to do an Extract first, and the subsequently do a number of Expand steps on the same PRK. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
FdaSilvaYY authored
Split x509_verify_param_zero code to the right place Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
There were a few places where they could be declared const so this commit does that. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
The name and type of the argument to ssl_check_for_safari() has changed. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
The size if fixed by the protocol and won't change even if sizeof(clienthello.random) does. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-