- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
now that ssl23_client_hello takes care of that
- fix buffer overrun checks in ssl_add_serverhello_tlsext()
- add a workaround provided by Victor Duchovni so that 128- and
256-bit variants of otherwise identical ciphersuites are treated
correctly;
- also, correctly skip invalid parts of ciphersuite description strings.
Submitted by: Victor Duchovni, Bodo Moeller
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.
Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.
Update ordinals.
Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
1) Certificate Message with no certs
OpenSSL implementation sends the Certificate message during SSL
handshake, however as per the specification, these have been omitted.
-- RFC 2712 --
CertificateRequest, and the ServerKeyExchange shown in Figure 1
will be omitted since authentication and the establishment of a
master secret will be done using the client's Kerberos credentials
for the TLS server. The client's certificate will be omitted for
the same reason.
-- RFC 2712 --
3) Pre-master secret Protocol version
The pre-master secret generated by OpenSSL does not have the correct
client version.
RFC 2712 says, if the Kerberos option is selected, the pre-master
secret structure is the same as that used in the RSA case.
TLS specification defines pre-master secret as:
struct {
ProtocolVersion client_version;
opaque random[46];
} PreMasterSecret;
where client_version is the latest protocol version supported by the
client
The pre-master secret generated by OpenSSL does not have the correct
client version. The implementation does not update the first 2 bytes
of random secret for Kerberos Cipher suites. At the server-end, the
client version from the pre-master secret is not validated.
PR: 1336
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
