wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9485 commits 20 branches 302 tags 153 MiB
Commit graph

1102 commits

Author SHA1 Message Date
Dr. Stephen Henson
48ae85b6ff PR: 1833 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Support for abbreviated handshakes when renegotiating.
 2010-08-26 14:22:40 +00:00
Dr. Stephen Henson
53e7985c8d PR: 1830 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson

Support for RFC5705 key extractor.
 2010-07-18 17:39:46 +00:00
Dr. Stephen Henson
28566b4966 no need for empty fragments with TLS 1.1 and later due to explicit IV 2010-06-27 14:42:43 +00:00
Dr. Stephen Henson
b4b15f68c0 Backport TLS v1.1 support from HEAD, ssl/ changes 2010-06-27 14:22:11 +00:00
Dr. Stephen Henson
e97359435e Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
72240ab31a PR: 2259 
Submitted By: Artem Chuprina <ran@cryptocom.ru>

Check return values of HMAC in tls_P_hash and tls1_generate_key_block.

Although the previous version could in theory crash that would only happen if a
digest call failed. The standard software methods can never fail and only one
ENGINE currently uses digests and it is not compiled in by default.
 2010-05-17 11:26:56 +00:00
Dr. Stephen Henson
8c1e7de6cb PR: 2230 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix bug in bitmask macros and stop warnings.
 2010-05-03 13:01:50 +00:00
Dr. Stephen Henson
9f827ded1c fix signed/unsigned comparison warnings 2010-04-14 00:41:01 +00:00
Dr. Stephen Henson
1507f3abba PR: 2230 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix various DTLS fragment reassembly bugs.
 2010-04-14 00:17:29 +00:00
Dr. Stephen Henson
30e8defe52 PR: 2229 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Don't drop DTLS connection if mac or decryption failed.
 2010-04-14 00:09:55 +00:00
Dr. Stephen Henson
9f4dd3e3e3 PR: 2228 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS buffer record MAC failure bug.
 2010-04-14 00:03:13 +00:00
Richard Levitte
d2f098b33d Spelling 2010-04-13 14:34:48 +00:00
Richard Levitte
0a4fe6c8db Undo the previous change, it was incorrect in this branch. 2010-04-13 11:10:07 +00:00
Richard Levitte
7bba401d5d Third argument to dtls1_buffer_record is by reference 2010-04-13 08:41:58 +00:00
Dr. Stephen Henson
acc9938ba5 Add SHA2 algorithms to SSL_library_init(). Although these aren't used 
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.
 2010-04-07 13:18:30 +00:00
Dr. Stephen Henson
6dfd3cf68e PR: 2218 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.
 2010-04-06 12:44:55 +00:00
Dr. Stephen Henson
073775cbbb PR: 2219 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS buffering bug.
 2010-04-06 12:40:10 +00:00
Dr. Stephen Henson
e995d5044e PR: 2223 
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug
 2010-04-06 12:29:21 +00:00
Bodo Möller
5b5464d525 Fix for "Record of death" vulnerability CVE-2010-0740. 
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010).
 2010-03-25 11:22:42 +00:00
Dr. Stephen Henson
7b52778eff PR: 1731 and maybe 2197 
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
 2010-03-24 23:16:49 +00:00
Dr. Stephen Henson
47333a34d5 Submitted by: Tomas Hoger <thoger@redhat.com> 
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
 2010-03-03 15:41:00 +00:00
Dr. Stephen Henson
90278430d9 make USE_CRYPTODEV_DIGESTS work 2010-03-01 01:19:36 +00:00
Dr. Stephen Henson
79363339b7 algorithms field has changed in 1.0.0 and later: update 2010-02-28 00:24:24 +00:00
Dr. Stephen Henson
fbe2c6b33e Add Kerberos fix which was in 0.9.8-stable but never committed to HEAD and 
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos
ciphersuite bugs introduced with PR:1336."
 2010-02-27 23:04:10 +00:00
Dr. Stephen Henson
8321bab39c OR default SSL_OP_LEGACY_SERVER_CONNECT so existing options are preserved 2010-02-17 19:43:46 +00:00
Dr. Stephen Henson
989238802a Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as 
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
 2010-02-17 18:38:10 +00:00
Dr. Stephen Henson
45d6a15ae9 PR: 2171 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Since SSLv2 doesn't support renegotiation at all don't reject it if
legacy renegotiation isn't enabled.

Also can now use SSL2 compatible client hello because RFC5746 supports it.
 2010-02-16 14:20:40 +00:00
Dr. Stephen Henson
8b354e776b PR: 2161 
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
 2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
868f5e44ca PR: 2160 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Make session tickets work with DTLS.
 2010-02-01 16:49:42 +00:00
Dr. Stephen Henson
4e5fdd11ea PR: 2159 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Typo in PR#1949 bug, oops!
 2010-02-01 12:44:11 +00:00
Dr. Stephen Henson
57749b1b9f PR: 1949 
Submitted by: steve@openssl.org

More robust fix and workaround for PR#1949. Don't try to work out if there
is any write pending data as this can be unreliable: always flush.
 2010-01-26 19:46:30 +00:00
Dr. Stephen Henson
f4f2b52995 oops 2010-01-26 13:56:15 +00:00
Dr. Stephen Henson
c7d5edbf5e export OPENSSL_isservice and make update 2010-01-26 13:55:33 +00:00
Richard Levitte
c8ca769d3b Compile t1_reneg on VMS as well. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2010-01-25 00:19:33 +00:00
Dr. Stephen Henson
a377811f15 PR: 2153, 2125 
Submitted by: steve@openssl.org

The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
 2010-01-24 16:57:38 +00:00
Dr. Stephen Henson
ef1b6b2cf2 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING 
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
 2010-01-24 13:54:07 +00:00
Dr. Stephen Henson
ad8ee3d7d1 If legacy renegotiation is not permitted then send a fatal alert if a patched 
server attempts to renegotiate with an unpatched client.
 2010-01-22 18:49:19 +00:00
Dr. Stephen Henson
2a4d0dcb89 The use of NIDs in the password based encryption table can result in 
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
 2010-01-19 19:55:47 +00:00
Dr. Stephen Henson
04aa7441ab PR: 2144 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144
 2010-01-19 19:11:21 +00:00
Dr. Stephen Henson
ddba003d5e PR: 2144 
Submitted by: steve@openssl.org

Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
 2010-01-16 19:45:59 +00:00
Dr. Stephen Henson
e59d9a34c9 PR: 2133 
Submitted by: steve@openssl.org

Add missing DTLS state strings.
 2010-01-16 19:20:38 +00:00
Dr. Stephen Henson
8043f01b13 PR: 2125 
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>

Fix gcc-aix compilation issue.
 2010-01-14 17:51:52 +00:00
Dr. Stephen Henson
41c0f68630 Fix version handling so it can cope with a major version >3. 
Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.
 2010-01-13 19:08:29 +00:00
Dr. Stephen Henson
73ff97ad76 Simplify RI+SCSV logic: 
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
 2010-01-07 19:05:03 +00:00
Dr. Stephen Henson
eb17330837 Updates to conform with draft-ietf-tls-renegotiation-03.txt: 
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
 2010-01-06 17:37:38 +00:00
Dr. Stephen Henson
1f67a3a985 compress_meth should be unsigned 2010-01-05 16:46:39 +00:00
Dr. Stephen Henson
4cba294d79 Client side compression algorithm sanity checks: ensure old compression 
algorithm matches current and give error if compression is disabled and
server requests it (shouldn't happen unless server is broken).
 2010-01-01 14:39:51 +00:00
Dr. Stephen Henson
e642fd7a1c Compression handling on session resume was badly broken: it always 
used compression algorithms in client hello (a legacy from when
the compression algorithm wasn't serialized with SSL_SESSION).
 2010-01-01 00:44:36 +00:00
Dr. Stephen Henson
986093affa Typo 2009-12-27 23:03:25 +00:00
Dr. Stephen Henson
f88e0acb0e Update RI to match latest spec. 
MCSV is now called SCSV.

Don't send SCSV if renegotiating.

Also note if RI is empty in debug messages.
 2009-12-27 22:59:09 +00:00