wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9829 commits 20 branches 302 tags 153 MiB
Commit graph

11 commits

Author SHA1 Message Date
David Woodhouse
6a14feb048 Check DTLS_BAD_VER for version number. 
Need to check DTLS_BAD_VER as well as DTLS1_VERSION.
PR:2984
 2013-02-12 15:09:44 +00:00
Andy Polyakov
6a2f94b39a s3_cbc.c: make CBC_MAC_ROTATE_IN_PLACE universal. 
(cherry picked from commit f93a41877d)
 2013-02-08 21:37:30 +01:00
Andy Polyakov
6ba1d561eb s3_cbc.c: get rid of expensive divisions [from master]. 
(cherry picked from commit e9baceab5a)
 2013-02-08 17:01:31 +01:00
Dr. Stephen Henson
be125aa5ba Fix IV check and padding removal. 
Fix the calculation that checks there is enough room in a record
after removing padding and optional explicit IV. (by Steve)

For AEAD remove the correct number of padding bytes (by Andy)
(cherry picked from commit 32cc2479b4)

Resolved conflicts:

	ssl/s3_cbc.c
 2013-02-08 11:12:49 +01:00
Andy Polyakov
413cbfe68d ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. 
Kludge alert. This is arranged by passing padding length in unused
bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
(cherry picked from commit 8bfd4c659f)
 2013-02-07 13:43:51 +00:00
Adam Langley
ee463921ed Fix for EXP-RC2-CBC-MD5 
MD5 should use little endian order. Fortunately the only ciphersuite
affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which
is a rarely used export grade ciphersuite.
 2013-02-06 15:50:42 +00:00
Andy Polyakov
33f44acbbe s3/s3_cbc.c: allow for compilations with NO_SHA256|512. 
(cherry picked from commit d5371324d9)
 2013-02-05 16:46:18 +00:00
Andy Polyakov
11c48a0fd2 ssl/s3_cbc.c: md_state alignment portability fix. 
RISCs are picky and alignment granted by compiler for md_state can be
insufficient for SHA512.
(cherry picked from commit 36260233e7)
 2013-02-05 16:46:18 +00:00
Andy Polyakov
3cdaca2436 ssl/s3_cbc.c: uint64_t portability fix. 
Break dependency on uint64_t. It's possible to declare bits as
unsigned int, because TLS packets are limited in size and 32-bit
value can't overflow.
(cherry picked from commit cab13fc847)
 2013-02-05 16:46:17 +00:00
Ben Laurie
080f395392 Fixups from previous commit. 2013-02-05 16:46:17 +00:00
Ben Laurie
f852b60797 Oops. Add missing file. 
(cherry picked from commit 014265eb02)
 2013-02-05 16:46:16 +00:00