Skip to content
  1. Aug 26, 2015
    • Matt Caswell's avatar
      Fix DTLS session ticket renewal · ee4ffd6f
      Matt Caswell authored
      
      
      A DTLS client will abort a handshake if the server attempts to renew the
      session ticket. This is caused by a state machine discrepancy between DTLS
      and TLS discovered during the state machine rewrite work.
      
      The bug can be demonstrated as follows:
      
      Start a DTLS s_server instance:
      openssl s_server -dtls
      
      Start a client and obtain a session but no ticket:
      openssl s_client -dtls -sess_out session.pem -no_ticket
      
      Now start a client reusing the session, but allow a ticket:
      openssl s_client -dtls -sess_in session.pem
      
      The client will abort the handshake.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      ee4ffd6f
  2. Aug 25, 2015
  3. Aug 24, 2015
  4. Aug 21, 2015
  5. Aug 17, 2015
  6. Aug 16, 2015
  7. Aug 14, 2015
  8. Aug 13, 2015
  9. Aug 12, 2015
  10. Aug 11, 2015
    • Rich Salz's avatar
      Remove Gost94 signature algorithm. · ade44dcb
      Rich Salz authored
      
      
      This was obsolete in 2001.  This is not the same as Gost94 digest.
      Thanks to Dmitry Belyavsky <beldmit@gmail.com> for review and advice.
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      ade44dcb
    • Matt Caswell's avatar
      Fix "make test" seg fault with SCTP enabled · f75d5171
      Matt Caswell authored
      
      
      When config'd with "sctp" running "make test" causes a seg fault. This is
      actually due to the way ssltest works - it dives under the covers and frees
      up BIOs manually and so some BIOs are NULL when the SCTP code does not
      expect it. The simplest fix is just to add some sanity checks to make sure
      the BIOs aren't NULL before we use them.
      
      This problem occurs in master and 1.0.2. The fix has also been applied to
      1.0.1 to keep the code in sync.
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      f75d5171