- Nov 20, 2014
-
-
Emilia Kasper authored
once the ChangeCipherSpec message is received. Previously, the server would set the flag once at SSL3_ST_SR_CERT_VRFY and again at SSL3_ST_SR_FINISHED. This would allow a second CCS to arrive and would corrupt the server state. (Because the first CCS would latch the correct keys and subsequent CCS messages would have to be encrypted, a MitM attacker cannot exploit this, though.) Thanks to Joeri de Ruiter for reporting this issue. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Emilia Kasper authored
The server must send a NewSessionTicket message if it advertised one in the ServerHello, so make a missing ticket message an alert in the client. An equivalent change was independently made in BoringSSL, see commit 6444287806d801b9a45baf1f6f02a0e3a16e144c. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Emilia Kasper authored
The client sends a session ID with the session ticket, and uses the returned ID to detect resumption, so we do not need to peek at handshake messages: s->hit tells us explicitly if we're resuming. An equivalent change was independently made in BoringSSL, see commit 407886f589cf2dbaed82db0a44173036c3bc3317. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Emilia Kasper authored
The same change was independently made in BoringSSL, see commit 9eaeef81fa2d4fd6246dc02b6203fa936a5eaf67 Reviewed-by: Matt Caswell <matt@openssl.org>
-
Emilia Kasper authored
This ensures that it's zeroed even if the SSL object is reused (as in ssltest.c). It also ensures that it applies to DTLS, too. Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Nov 19, 2014
-
-
Matt Caswell authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Dr. Stephen Henson authored
If no keyfile has been specified use the certificate file instead. Fix typo: we need to check the chain is not NULL, not the chain file. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 786370b1b09b919d9306f27336e13783e4fe3fd0)
-
Dr. Stephen Henson authored
When no-ssl3 is set only make SSLv3 disabled by default. Retain -ssl3 options for s_client/s_server/ssltest. When no-ssl3-method is set SSLv3_*method() is removed and all -ssl3 options. We should document this somewhere, e.g. wiki, FAQ or manual page. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Dr. Stephen Henson authored
Don't send or parse any extensions other than RI (which is needed to handle secure renegotiation) for SSLv3. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
The supported signature algorithms extension needs to be processed before the certificate to use is decided and before a cipher is selected (as the set of shared signature algorithms supported may impact the choice). Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 56e8dc54) Conflicts: ssl/ssl.h ssl/ssl_err.c
-
- Nov 18, 2014
-
-
Matt Caswell authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- Nov 17, 2014
-
-
Jan Hykel authored
Don't attempt to access msg structure if recvmsg returns an error. PR#3483 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Nov 16, 2014
-
-
Mike Bland authored
Change-Id: I626d751f19f24df6b967c17498d6189cc0acb96c Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
This is the only Makefile without SRC defined. This change enables a standard Makefile include directive to cover crypto/jpake/*.d files. This was automatically applied by AddSrcVarIfNeeded() in: https://code.google.com/p/mike-bland/source/browse/openssl/update_makefiles.py Change-Id: I030204a1bc873b5de5b06c8ddc0b94bb224c6650 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
These correspond to targets of the same name in test/Makefile that clash when using the single-makefile build method using GitConfigure and GitMake. Change-Id: If7e900c75f4341b446608b6916a3d76f202026ea Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
Before this change, variables for which a '=' appeared in the assignment would be parsed as the entire string up until the final '='. For example: BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ would result in the variable name "BUILD_CMD=shlib_target". This doesn't appear to harm the current generation of MINFO, but creates problems for other Makefile-related work I'm attempting. Change-Id: I1f3a606d67fd5464bb459e8f36c23b3e967b77e1 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
These are based on debug-ben-debug-64-clang and are intended to produce consistent settings for folks involved in the unit testing effort detailed at: http://wiki.openssl.org/index.php/Unit_Testing -fsanitize has been removed from the set of clang flags for now. Apparently clang 3.1, which ships with FreeBSD 9.1, completely ignores -fsanitize. Clang 3.3, which ships with FreeBSD 9.2, compiles with it, but fails to link due to the absence of libasan: http://lists.freebsd.org/pipermail/freebsd-hackers/2013-December/043995.html https://www.mail-archive.com/cfe-commits@cs.uiuc.edu/msg92260.html http://reviews.llvm.org/D2644 We need -Wno-error=unused-const-variable because of this error: .../crypto/ec/ec_lib.c:74:19: error: unused variable 'EC_version' [-Werror,-Wunused-const-variable] static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT; Change-Id: I2cba53537137186114c083049ea1233550a741f9 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
This fixes the errors when trying to assemble .s files using GitMake on OS X. Change-Id: I2221f558619302d22e0c57d7203173d634155678 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
cscope.out is generated by cscope as described in: http://wiki.openssl.org/index.php/Testing_and_Development_Tools_and_Tips .d files are compiler-generated Makefile dependency files (e.g. using 'gcc -MMD -MP foo.c'). Change-Id: I2338858a6b6ee0527837d10a8b55cff1689023fd Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Nov 13, 2014
-
-
Dr. Stephen Henson authored
Print out more details of the connection in ssltest specifically: server certificate curve name for EC, server temporary key (if any) and peer signing digest. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Add command line support for SSL_CONF: server side arguments are prefixed by -s_ (e.g. -s_no_ssl3) and client side with -c_. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
If the hash or public key algorithm is "undef" the signature type will receive special handling and shouldn't be included in the cross reference table. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Nov 12, 2014
-
-
Alok Menghrajani authored
Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl is just an int*. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Michal Bozon authored
PR#3535 Reviewed-by: Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- Nov 11, 2014
-
-
Kurt Roeckx authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Nov 10, 2014
-
-
Russell Coker authored
This doesn't really fix the data race but changes it so it can only happen once. This isn't really a problem since we always just set it to the same value. We now just stop writing it after the first time. PR3584, https://bugs.debian.org/534534 Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Kurt Roeckx authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Oct 30, 2014
-
-
Andy Polyakov authored
PR: 3474 Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
- Oct 29, 2014
-
-
Dr. Stephen Henson authored
The trial division and probable prime with coprime tests are disabled on WIN32 builds because they use internal functions not exported from the WIN32 DLLs. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
- Oct 28, 2014
-
-
Samuel Neves authored
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Emilia Kasper authored
Tighten client-side session ticket handling during renegotiation: ensure that the client only accepts a session ticket if the server sends the extension anew in the ServerHello. Previously, a TLS client would reuse the old extension state and thus accept a session ticket if one was announced in the initial ServerHello. Reviewed-by: Bodo Moeller <bodo@openssl.org>
-
- Oct 27, 2014
-
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Geoff Thorpe <geoff@openssl.org>
-