Skip to content
GitLab
  1. 01 Dec, 2013 2 commits
  3. 27 Nov, 2013 1 commit
  5. 18 Nov, 2013 2 commits
  7. 17 Nov, 2013 1 commit
  9. 14 Nov, 2013 2 commits
  11. 13 Nov, 2013 3 commits
    • Dr. Stephen Henson's avatar
      Allow match selecting of current certificate. · ff0bdbed
      Dr. Stephen Henson authored 
      If pointer comparison for current certificate fails check
to see if a match using X509_cmp succeeds for the current
certificate: this is useful for cases where the certificate
pointer is not available.
(cherry picked from commit 6856b288a6e66edd23907b7fa264f42e05ac9fc7)
      ff0bdbed
    • Rob Stradling's avatar
      Additional "chain_cert" functions. · dc4bdf59
      Rob Stradling authored 
      PR#3169

This patch, which currently applies successfully against master and
1_0_2, adds the following functions:

SSL_[CTX_]select_current_cert() - set the current certificate without
disturbing the existing structure.

SSL_[CTX_]get0_chain_certs() - get the current certificate's chain.

SSL_[CTX_]clear_chain_certs() - clear the current certificate's chain.

The patch also adds these functions to, and fixes some existing errors
in, SSL_CTX_add1_chain_cert.pod.
(cherry picked from commit 2f56c9c015dbca45379c9a725915b3b8e765a119)
      dc4bdf59
    • Krzysztof Kwiatkowski's avatar
      Delete duplicate entry. · b03d0513
      Krzysztof Kwiatkowski authored 
      PR#3172
(cherry picked from commit 4f055e34c3598cad00fca097d812fa3e6436d967)
      b03d0513
  13. 12 Nov, 2013 3 commits
  15. 11 Nov, 2013 3 commits
  17. 10 Nov, 2013 1 commit
  19. 09 Nov, 2013 3 commits
  21. 08 Nov, 2013 2 commits
  23. 06 Nov, 2013 2 commits
  25. 03 Nov, 2013 1 commit
  27. 02 Nov, 2013 7 commits
  29. 01 Nov, 2013 2 commits
  31. 30 Oct, 2013 2 commits
    • Robin Seggelmann's avatar
      DTLS/SCTP struct authchunks Bug · f596e3c4
      Robin Seggelmann authored 
      PR: 2809

DTLS/SCTP requires DATA and FORWARD-TSN chunks to be protected with
SCTP-AUTH.  It is checked if this has been activated successfully for
the local and remote peer. Due to a bug, however, the
gauth_number_of_chunks field of the authchunks struct is missing on
FreeBSD, and was therefore not considered in the OpenSSL implementation.
This patch sets the corresponding pointer for the check correctly
whether or not this bug is present.
      f596e3c4
    • Robin Seggelmann's avatar
      DTLS/SCTP Finished Auth Bug · 9fb523ad
      Robin Seggelmann authored 
      PR: 2808

With DTLS/SCTP the SCTP extension SCTP-AUTH is used to protect DATA and
FORWARD-TSN chunks. The key for this extension is derived from the
master secret and changed with the next ChangeCipherSpec, whenever a new
key has been negotiated. The following Finished then already uses the
new key.  Unfortunately, the ChangeCipherSpec and Finished are part of
the same flight as the ClientKeyExchange, which is necessary for the
computation of the new secret. Hence, these messages are sent
immediately following each other, leaving the server very little time to
compute the new secret and pass it to SCTP before the finished arrives.
So the Finished is likely to be discarded by SCTP and a retransmission
becomes necessary. To prevent this issue, the Finished of the client is
still sent with the old key.
      9fb523ad
  33. 21 Oct, 2013 1 commit
  35. 20 Oct, 2013 2 commits
    • Nick Mathewson's avatar
      Fix another gmt_unix_time case in server_random · 070e40e2
      Nick Mathewson authored
      070e40e2
    • Nick Mathewson's avatar
      Do not include a timestamp in the Client/ServerHello Random field. · d757097b
      Nick Mathewson authored 
      Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE
is set.

This is a forward-port of commits:
  4af79303
  f4c93b46
  3da721da
  25832701

While the gmt_unix_time record was added in an ostensible attempt to
mitigate the dangers of a bad RNG, its presence leaks the host's view
of the current time in the clear.  This minor leak can help
fingerprint TLS instances across networks and protocols... and what's
worse, it's doubtful thet the gmt_unix_time record does any good at
all for its intended purpose, since:

    * It's quite possible to open two TLS connections in one second.

    * If the PRNG output is prone to repeat itself, ephemeral
      handshakes (and who knows what else besides) are broken.
      d757097b