Dr. Stephen Henson
a00c3c4019
Properly check EVP_VerifyFinal() and similar return values
(CVE-2008-5077).
Submitted by: Ben Laurie, Bodo Moeller, Google Security Team
2009-01-07 10:48:23 +00:00
Lutz Jänicke
f4677b7960
Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP
Some #include statements were not properly protected. This will go unnoted
on most systems as openssl/comp.h tends to be installed as a system header
file by default but may become visible when cross compiling.
2009-01-05 14:43:07 +00:00
Dr. Stephen Henson
4b253d904d
Avoid signed/unsigned compare warnings.
2008-12-29 00:17:36 +00:00
Dr. Stephen Henson
2c17b493b1
Make -DKSSL_DEBUG work again.
2008-11-10 18:55:07 +00:00
Lutz Jänicke
4db3e88459
Firstly, the bitmap we use for replay protection was ending up with zero
length, so a _single_ pair of packets getting switched around would
cause one of them to be 'dropped'.
Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-13 06:43:06 +00:00
Lutz Jänicke
ab073bad4f
When the underlying BIO_write() fails to send a datagram, we leave the
offending record queued as 'pending'. The DTLS code doesn't expect this,
and we end up hitting an OPENSSL_assert() in do_dtls1_write().
The simple fix is just _not_ to leave it queued. In DTLS, dropping
packets is perfectly acceptable -- and even preferable. If we wanted a
service with retries and guaranteed delivery, we'd be using TCP.
PR: #1703
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-10 10:41:32 +00:00
Bodo Möller
d875413a0b
Make sure that SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG can't
enable disabled ciphersuites.
2008-09-22 21:22:51 +00:00
Dr. Stephen Henson
e852835da6
Make update: delete duplicate error code.
2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
52702f6f92
Updates to build system from FIPS branch. Make fipscanisterbuild work and
build FIPS test programs.
2008-09-17 15:56:42 +00:00
Bodo Möller
446881468c
update comment
2008-09-14 19:50:53 +00:00
Bodo Möller
c198c26226
oops
2008-09-14 18:16:09 +00:00
Andy Polyakov
54d6ddba69
dtls1_write_bytes consumers expect amount of bytes written per call, not
overall [from HEAD].
PR: 1604
2008-09-14 17:57:03 +00:00
Dr. Stephen Henson
1af12ff1d1
Fix error code discrepancy.
Make update.
2008-09-14 16:43:37 +00:00
Bodo Möller
200d00c854
Fix SSL state transitions.
Submitted by: Nagendra Modadugu
2008-09-14 14:02:01 +00:00
Bodo Möller
36a4a67b2b
Some precautions to avoid potential security-relevant problems.
2008-09-14 13:42:40 +00:00
Andy Polyakov
3413424f01
DTLS didn't handle alerts correctly [from HEAD].
PR: 1632
2008-09-13 18:25:36 +00:00
Dr. Stephen Henson
8f59c61d1d
If tickets disabled behave as if no ticket received to support
stateful resume.
2008-09-03 22:13:04 +00:00
Bodo Möller
f9f6f0e9f0
sanity check
PR: 1679
2008-08-13 19:44:44 +00:00
Dr. Stephen Henson
14748adb09
Make ssl code consistent with FIPS branch. The new code has no effect
at present because it asserts either noop flags or is inside
OPENSSL_FIPS #ifdef's.
2008-06-16 16:56:43 +00:00
Dr. Stephen Henson
0278e15fa3
If auto load ENGINE lookup fails retry adding builtin ENGINEs.
2008-06-05 15:13:03 +00:00
Dr. Stephen Henson
56ef1cbc40
include engine.h if needed.
2008-06-05 11:23:35 +00:00
Dr. Stephen Henson
591371566e
Update from HEAD.
2008-06-04 22:39:29 +00:00
Dr. Stephen Henson
4aefb1dd98
Backport more ENGINE SSL client auth code to 0.9.8.
2008-06-04 18:35:27 +00:00
Dr. Stephen Henson
aa03989791
Backport ssl client auth ENGINE support to 0.9.8.
2008-06-04 18:01:40 +00:00
Bodo Möller
cec9bce126
fix whitespace
2008-05-28 22:22:50 +00:00
Mark J. Cox
2c0fa03dc6
Fix flaw if 'Server Key exchange message' is omitted from a TLS
handshake which could lead to a client crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)
Reviewed by: openssl-security@openssl.org
Obtained from: mark@awe.com
2008-05-28 07:29:27 +00:00
Mark J. Cox
d3b3a6d389
Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)
Reviewed by: openssl-security@openssl.org
Obtained from: jorton@redhat.com
2008-05-28 07:26:33 +00:00
Lutz Jänicke
b0118409a9
Reword comment to be much shorter to stop other people from complaining
about "overcommenting"
2008-05-26 06:21:10 +00:00
Lutz Jänicke
5f23288692
Clear error queue when starting SSL_CTX_use_certificate_chain_file
PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
2008-05-23 10:37:22 +00:00
Dr. Stephen Henson
db533c96e3
TLS ticket key setting callback: this allows an application to set
its own TLS ticket keys.
2008-04-30 16:11:33 +00:00
Dr. Stephen Henson
8831eb7624
Do not permit stateless session resumption if session IDs mismatch.
2008-04-29 17:22:01 +00:00
Dr. Stephen Henson
3c8f315021
Support ticket renewal in state machine (not used at present).
2008-04-29 16:41:53 +00:00
Dr. Stephen Henson
0f2e636602
Status strings for ticket states.
2008-04-29 16:38:26 +00:00
Dr. Stephen Henson
d3eef3e5af
Fix from HEAD.
2008-04-25 16:27:25 +00:00
Dr. Stephen Henson
3edad44d6e
Avoid "initializer not constant" errors when compiling in pedantic mode.
2008-04-02 11:15:05 +00:00
Ben Laurie
9c04747623
Make depend.
2007-11-15 13:32:53 +00:00
Dr. Stephen Henson
236860735e
Allow new session ticket when resuming.
2007-11-03 13:07:39 +00:00
Dr. Stephen Henson
5f95651316
Ensure the ticket expected flag is reset when a stateless resumption is
successful.
2007-10-18 11:39:11 +00:00
Andy Polyakov
ccac657556
New unused field crippled ssl_ctx_st in 0.9.8"f".
2007-10-17 21:22:58 +00:00
Andy Polyakov
a9c23ea079
Don't let DTLS ChangeCipherSpec increment handshake sequence number. From
HEAD with a twist: server interoperates with non-compliant client.
PR: 1587
2007-10-17 21:17:49 +00:00
Dr. Stephen Henson
33ffe2a7f7
Don't try to lookup zero length session.
2007-10-17 17:30:15 +00:00
Dr. Stephen Henson
7c717aafc6
Allow TLS tickets and session ID to both be present if lifetime hint is -1.
This never happens in normal SSL sessions but can be useful if the session
is being used as a "blob" to contain other data.
2007-10-17 11:27:25 +00:00
Andy Polyakov
ffe181c366
Make ssl compile.
2007-10-14 14:07:46 +00:00
Dr. Stephen Henson
43490dfb89
Avoid shadow and signed/unsigned warnings.
2007-10-12 00:29:06 +00:00
Dr. Stephen Henson
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
Ben Laurie
bb99ce5f80
make update, and more DTLS stuff.
2007-10-11 14:36:59 +00:00
Andy Polyakov
49f42ec0f6
Respect cookie length set by app_gen_cookie_cb [from HEAD].
Submitted by: Alex Lam
2007-10-09 19:31:53 +00:00
Andy Polyakov
91d509f0d9
Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
twist: server interoperates with non-compliant pre-0.9.8f client.
2007-10-09 19:22:01 +00:00
Andy Polyakov
d5e858c55f
Prohibit RC4 in DTLS [from HEAD].
2007-10-05 21:05:27 +00:00
Andy Polyakov
d4736ae701
Set client_version earlier in DTLS (this is 0.9.8 specific).
2007-10-03 10:18:06 +00:00