Skip to content
  1. Mar 25, 2015
    • Matt Caswell's avatar
      Add more HMAC tests · b7279ed5
      Matt Caswell authored
      
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      b7279ed5
    • Matt Caswell's avatar
      Fix RAND_(pseudo_)?_bytes returns · 8f8e4e4f
      Matt Caswell authored
      
      
      Ensure all calls to RAND_bytes and RAND_pseudo_bytes have their return
      value checked correctly
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      8f8e4e4f
    • Matt Caswell's avatar
      Add ticket length before buffering DTLS message · a20718fa
      Matt Caswell authored
      
      
      In ssl3_send_new_session_ticket the message to be sent is constructed. We
      skip adding the length of the session ticket initially, then call
      ssl_set_handshake_header, and finally go back and add in the length of the
      ticket. Unfortunately, in DTLS, ssl_set_handshake_header also has the side
      effect of buffering the message for subsequent retransmission if required.
      By adding the ticket length after the call to ssl_set_handshake_header the
      message that is buffered is incomplete, causing an invalid message to be
      sent on retransmission.
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      (cherry picked from commit 4f9fab6b)
      
      Conflicts:
      	ssl/s3_srvr.c
      a20718fa
    • Matt Caswell's avatar
      Ensure last_write_sequence is saved in DTLS1.2 · 4285b851
      Matt Caswell authored
      
      
      In DTLS, immediately prior to epoch change, the write_sequence is supposed
      to be stored in s->d1->last_write_sequence. The write_sequence is then reset
      back to 00000000. In the event of retransmits of records from the previous
      epoch, the last_write_sequence is restored. This commit fixes a bug in
      DTLS1.2 where the write_sequence was being reset before last_write_sequence
      was saved, and therefore retransmits are sent with incorrect sequence
      numbers.
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      (cherry picked from commit d5d0a1cb)
      4285b851
  2. Mar 24, 2015
  3. Mar 23, 2015
  4. Mar 22, 2015
  5. Mar 20, 2015
  6. Mar 19, 2015
  7. Mar 18, 2015
  8. Mar 17, 2015