wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6026 commits 20 branches 302 tags 153 MiB
Commit graph

23 commits

Author SHA1 Message Date
Richard Levitte
920b700d4a Cleanse memory using the new OPENSSL_cleanse() function. 
I've covered all the memset()s I felt safe modifying, but may have missed some.
 2002-11-28 08:06:36 +00:00
Bodo Möller
0ac51fcf0b emtpy fragments are not necessary for SSL_eNULL 
(but noone uses it anyway)
 2002-07-09 08:48:03 +00:00
Bodo Möller
32a76f2c75 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC 
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
 2002-06-14 12:19:34 +00:00
Bodo Möller
82c77c1b32 Implement known-IV countermeasure. 
Fix length checks in ssl3_get_client_hello().

Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
 2002-04-13 22:49:28 +00:00
Bodo Möller
ae9010abd5 comment 2001-09-24 07:57:20 +00:00
Bodo Möller
e41c5bd730 Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't 
reveal whether illegal block cipher padding was found or a MAC
verification error occured.

In ssl/s2_pkt.c, verify that the purported number of padding bytes is in
the legal range.
 2001-09-20 18:34:36 +00:00
Bodo Möller
dab4c2824f pay attention to blocksize before attempting decryption 2001-06-15 18:06:06 +00:00
Richard Levitte
e90323844f Use memmove() instead of memcpy() on areas that may overlap. 
Spotted by Nalin Dahyabhai <nalin@redhat.com>
 2001-06-07 04:45:55 +00:00
Bodo Möller
9a22ce66c9 This change should be suitable as a workaround for the Solaris x86 
compiler bug reported in <01032110293775.22278@weba3.iname.net>
(the '++seq[i]' condition is evaluated as 256 rather than 0
when the previous value is 255).
 2001-04-03 13:46:36 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names 
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
 2000-06-01 22:19:21 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Bodo Möller
245206eadd Use prototypes. 2000-01-05 23:31:47 +00:00
Ulf Möller
d02f751ce1 Message digest stuff. 1999-04-27 04:18:53 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>. 
Submitted by:
Reviewed by:
PR:
 1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Ben Laurie
e4aac1cb68 const correctness. 1999-04-19 23:43:11 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Ben Laurie
06ab81f9f7 Add support for new TLS export ciphersuites. 1999-02-21 20:03:24 +00:00
Mark J. Cox
413c4f45ed Updates to the new SSL compression code 
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Fix so that the version number in the master secret, when passed
     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
     (because the server will not accept higher), that the version number
     is 0x03,0x01, not 0x03,0x00
     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Submitted by:
Reviewed by:
PR:
 1999-02-16 09:22:21 +00:00
Ben Laurie
436d318c80 In the absence of feedback either way, commit the fix that looks right for 
wrong keylength with export null ciphers.
 1999-02-13 12:39:50 +00:00
Ralf S. Engelschall
dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00