wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9401 commits 20 branches 302 tags 153 MiB
Commit graph

1090 commits

Author SHA1 Message Date
Richard Levitte
0a4fe6c8db Undo the previous change, it was incorrect in this branch. 2010-04-13 11:10:07 +00:00
Richard Levitte
7bba401d5d Third argument to dtls1_buffer_record is by reference 2010-04-13 08:41:58 +00:00
Dr. Stephen Henson
acc9938ba5 Add SHA2 algorithms to SSL_library_init(). Although these aren't used 
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.
 2010-04-07 13:18:30 +00:00
Dr. Stephen Henson
6dfd3cf68e PR: 2218 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.
 2010-04-06 12:44:55 +00:00
Dr. Stephen Henson
073775cbbb PR: 2219 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS buffering bug.
 2010-04-06 12:40:10 +00:00
Dr. Stephen Henson
e995d5044e PR: 2223 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug
 2010-04-06 12:29:21 +00:00
Bodo Möller
5b5464d525 Fix for "Record of death" vulnerability CVE-2010-0740. 
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010).
 2010-03-25 11:22:42 +00:00
Dr. Stephen Henson
7b52778eff PR: 1731 and maybe 2197 
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
 2010-03-24 23:16:49 +00:00
Dr. Stephen Henson
47333a34d5 Submitted by: Tomas Hoger <thoger@redhat.com> 
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
 2010-03-03 15:41:00 +00:00
Dr. Stephen Henson
90278430d9 make USE_CRYPTODEV_DIGESTS work 2010-03-01 01:19:36 +00:00
Dr. Stephen Henson
79363339b7 algorithms field has changed in 1.0.0 and later: update 2010-02-28 00:24:24 +00:00
Dr. Stephen Henson
fbe2c6b33e Add Kerberos fix which was in 0.9.8-stable but never committed to HEAD and 
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos
ciphersuite bugs introduced with PR:1336."
 2010-02-27 23:04:10 +00:00
Dr. Stephen Henson
8321bab39c OR default SSL_OP_LEGACY_SERVER_CONNECT so existing options are preserved 2010-02-17 19:43:46 +00:00
Dr. Stephen Henson
989238802a Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as 
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
 2010-02-17 18:38:10 +00:00
Dr. Stephen Henson
45d6a15ae9 PR: 2171 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Since SSLv2 doesn't support renegotiation at all don't reject it if
legacy renegotiation isn't enabled.

Also can now use SSL2 compatible client hello because RFC5746 supports it.
 2010-02-16 14:20:40 +00:00
Dr. Stephen Henson
8b354e776b PR: 2161 
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
 2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
868f5e44ca PR: 2160 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Make session tickets work with DTLS.
 2010-02-01 16:49:42 +00:00
Dr. Stephen Henson
4e5fdd11ea PR: 2159 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Typo in PR#1949 bug, oops!
 2010-02-01 12:44:11 +00:00
Dr. Stephen Henson
57749b1b9f PR: 1949 
Submitted by: steve@openssl.org

More robust fix and workaround for PR#1949. Don't try to work out if there
is any write pending data as this can be unreliable: always flush.
 2010-01-26 19:46:30 +00:00
Dr. Stephen Henson
f4f2b52995 oops 2010-01-26 13:56:15 +00:00
Dr. Stephen Henson
c7d5edbf5e export OPENSSL_isservice and make update 2010-01-26 13:55:33 +00:00
Richard Levitte
c8ca769d3b Compile t1_reneg on VMS as well. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2010-01-25 00:19:33 +00:00
Dr. Stephen Henson
a377811f15 PR: 2153, 2125 
Submitted by: steve@openssl.org

The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
 2010-01-24 16:57:38 +00:00
Dr. Stephen Henson
ef1b6b2cf2 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING 
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
 2010-01-24 13:54:07 +00:00
Dr. Stephen Henson
ad8ee3d7d1 If legacy renegotiation is not permitted then send a fatal alert if a patched 
server attempts to renegotiate with an unpatched client.
 2010-01-22 18:49:19 +00:00
Dr. Stephen Henson
2a4d0dcb89 The use of NIDs in the password based encryption table can result in 
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
 2010-01-19 19:55:47 +00:00
Dr. Stephen Henson
04aa7441ab PR: 2144 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144
 2010-01-19 19:11:21 +00:00
Dr. Stephen Henson
ddba003d5e PR: 2144 
Submitted by: steve@openssl.org

Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
 2010-01-16 19:45:59 +00:00
Dr. Stephen Henson
e59d9a34c9 PR: 2133 
Submitted by: steve@openssl.org

Add missing DTLS state strings.
 2010-01-16 19:20:38 +00:00
Dr. Stephen Henson
8043f01b13 PR: 2125 
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>

Fix gcc-aix compilation issue.
 2010-01-14 17:51:52 +00:00
Dr. Stephen Henson
41c0f68630 Fix version handling so it can cope with a major version >3. 
Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.
 2010-01-13 19:08:29 +00:00
Dr. Stephen Henson
73ff97ad76 Simplify RI+SCSV logic: 
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
 2010-01-07 19:05:03 +00:00
Dr. Stephen Henson
eb17330837 Updates to conform with draft-ietf-tls-renegotiation-03.txt: 
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
 2010-01-06 17:37:38 +00:00
Dr. Stephen Henson
1f67a3a985 compress_meth should be unsigned 2010-01-05 16:46:39 +00:00
Dr. Stephen Henson
4cba294d79 Client side compression algorithm sanity checks: ensure old compression 
algorithm matches current and give error if compression is disabled and
server requests it (shouldn't happen unless server is broken).
 2010-01-01 14:39:51 +00:00
Dr. Stephen Henson
e642fd7a1c Compression handling on session resume was badly broken: it always 
used compression algorithms in client hello (a legacy from when
the compression algorithm wasn't serialized with SSL_SESSION).
 2010-01-01 00:44:36 +00:00
Dr. Stephen Henson
986093affa Typo 2009-12-27 23:03:25 +00:00
Dr. Stephen Henson
f88e0acb0e Update RI to match latest spec. 
MCSV is now called SCSV.

Don't send SCSV if renegotiating.

Also note if RI is empty in debug messages.
 2009-12-27 22:59:09 +00:00
Dr. Stephen Henson
54bc369ad7 Alert to use is now defined in spec: update code 2009-12-17 15:42:43 +00:00
Dr. Stephen Henson
675564835c New option to enable/disable connection to unpatched servers 2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
2456cd58c4 Allow initial connection (but no renegoriation) to servers which don't support 
RI.

Reorganise RI checking code and handle some missing cases.
 2009-12-14 13:55:39 +00:00
Ben Laurie
43a107026d Missing error code. 2009-12-12 15:57:53 +00:00
Dr. Stephen Henson
f1784f2fd2 Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL 2009-12-11 00:20:58 +00:00
Dr. Stephen Henson
b41a614686 Check s3 is not NULL 2009-12-09 14:53:51 +00:00
Dr. Stephen Henson
52a08e90d1 Add ctrls to clear options and mode. 
Change RI ctrl so it doesn't clash.
 2009-12-09 13:25:38 +00:00
Dr. Stephen Henson
6b5f0458fe Send no_renegotiation alert as required by spec. 2009-12-08 19:06:09 +00:00
Dr. Stephen Henson
b52a2738d4 Add ctrl and macro so we can determine if peer support secure renegotiation. 2009-12-08 13:42:32 +00:00
Dr. Stephen Henson
10f99d7b77 Add support for magic cipher suite value (MCSV). Make secure renegotiation 
work in SSLv3: initial handshake has no extensions but includes MCSV, if
server indicates RI support then renegotiation handshakes include RI.

NB: current MCSV value is bogus for testing only, will be updated when we
have an official value.

Change mismatch alerts to handshake_failure as required by spec.

Also have some debugging fprintfs so we can clearly see what is going on
if OPENSSL_RI_DEBUG is set.
 2009-12-08 13:15:12 +00:00
Dr. Stephen Henson
593222afe1 PR: 2121 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Add extension support to DTLS code mainly using existing implementation for
TLS.
 2009-12-08 11:38:18 +00:00
Dr. Stephen Henson
d5b8c46499 PR: 2115 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
 2009-12-01 17:41:42 +00:00