Robin Seggelmann
025f7dbdd1
DTLS/SCTP Finished Auth Bug
...
PR: 2808
With DTLS/SCTP the SCTP extension SCTP-AUTH is used to protect DATA and
FORWARD-TSN chunks. The key for this extension is derived from the
master secret and changed with the next ChangeCipherSpec, whenever a new
key has been negotiated. The following Finished then already uses the
new key. Unfortunately, the ChangeCipherSpec and Finished are part of
the same flight as the ClientKeyExchange, which is necessary for the
computation of the new secret. Hence, these messages are sent
immediately following each other, leaving the server very little time to
compute the new secret and pass it to SCTP before the finished arrives.
So the Finished is likely to be discarded by SCTP and a retransmission
becomes necessary. To prevent this issue, the Finished of the client is
still sent with the old key.
(cherry picked from commit 9fb523adce
)
(cherry picked from commit b9ef52b078
)
2013-11-01 22:44:20 +00:00
Ben Laurie
62036c6fc3
Merge branch 'no_gmt_unix_time' of git://github.com/nmathewson/openssl into OpenSSL_1_0_1-stable
2013-10-19 11:46:32 +01:00
Nick Mathewson
3da721dac9
Refactor {client,server}_random to call an intermediate function
...
I'll be using this to make an option for randomizing the time.
2013-10-09 10:28:42 -04:00
Nick Mathewson
f4c93b46ed
Do not include a timestamp in the ServerHello Random field.
...
Instead, send random bytes.
2013-09-16 13:44:10 -04:00
Michael Tuexen
83a3af9f4e
DTLS message_sequence number wrong in rehandshake ServerHello
...
This fix ensures that
* A HelloRequest is retransmitted if not responded by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.
(cherry picked from commit b62f4daac0
)
2013-08-13 18:55:41 +01:00
Dr. Stephen Henson
63e8f16737
PR: 2778(part)
...
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>
Time is always encoded as 4 bytes, not sizeof(Time).
2012-03-31 18:02:43 +00:00
Dr. Stephen Henson
9c284f9651
PR: 2748
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix possible DTLS timer deadlock.
2012-03-06 13:24:16 +00:00
Dr. Stephen Henson
bd6941cfaa
PR: 2658
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
2011-12-31 23:00:36 +00:00
Dr. Stephen Henson
e065e6cda2
PR: 2535
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Add SCTP support for DTLS (RFC 6083).
2011-12-25 14:45:40 +00:00
Dr. Stephen Henson
6d24c09a69
PR: 2628
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix for ECC keys and DTLS.
2011-10-27 13:01:20 +00:00
Bodo Möller
3c3f025923
Fix session handling.
2011-09-05 13:36:55 +00:00
Bodo Möller
61ac68f9f6
(EC)DH memory handling fixes.
...
Submitted by: Adam Langley
2011-09-05 10:25:27 +00:00
Dr. Stephen Henson
f1c8db9f8c
PR: 2555
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS sequence number bug
2011-07-20 15:17:42 +00:00
Dr. Stephen Henson
2c9abbd554
PR: 2550
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS HelloVerifyRequest Timer bug
2011-07-20 15:13:43 +00:00
Dr. Stephen Henson
4159ac43aa
Oops use up to date patch for PR#2506
2011-05-25 14:30:05 +00:00
Dr. Stephen Henson
9472baae0d
Backport TLS v1.2 support from HEAD.
...
This includes TLS v1.2 server and client support but at present
client certificate support is not implemented.
2011-05-11 13:37:52 +00:00
Dr. Stephen Henson
ac2024ccbf
PR: 2458
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Don't change state when answering DTLS ClientHello.
2011-04-03 16:25:54 +00:00
Dr. Stephen Henson
c6dd154b3e
oops, revert previous patch
2010-08-27 12:10:12 +00:00
Dr. Stephen Henson
35cae95032
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix other cases not covered by original patch.
2010-08-27 11:57:42 +00:00
Dr. Stephen Henson
48ae85b6ff
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Support for abbreviated handshakes when renegotiating.
2010-08-26 14:22:40 +00:00
Dr. Stephen Henson
868f5e44ca
PR: 2160
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Make session tickets work with DTLS.
2010-02-01 16:49:42 +00:00
Dr. Stephen Henson
4e5fdd11ea
PR: 2159
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Typo in PR#1949 bug, oops!
2010-02-01 12:44:11 +00:00
Dr. Stephen Henson
57749b1b9f
PR: 1949
...
Submitted by: steve@openssl.org
More robust fix and workaround for PR#1949. Don't try to work out if there
is any write pending data as this can be unreliable: always flush.
2010-01-26 19:46:30 +00:00
Dr. Stephen Henson
04aa7441ab
PR: 2144
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Better fix for PR#2144
2010-01-19 19:11:21 +00:00
Dr. Stephen Henson
ddba003d5e
PR: 2144
...
Submitted by: steve@openssl.org
Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
2010-01-16 19:45:59 +00:00
Dr. Stephen Henson
675564835c
New option to enable/disable connection to unpatched servers
2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
593222afe1
PR: 2121
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Add extension support to DTLS code mainly using existing implementation for
TLS.
2009-12-08 11:38:18 +00:00
Dr. Stephen Henson
d5b8c46499
PR: 2115
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
2009-12-01 17:41:42 +00:00
Dr. Stephen Henson
53f062d050
PR: 2033
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen support.
2009-09-09 17:05:42 +00:00
Dr. Stephen Henson
2e9802b7a7
PR: 2028
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS cookie management bugs.
2009-09-04 17:42:06 +00:00
Dr. Stephen Henson
4e63da0669
PR: 1950
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve@openssl.org
DTLS fragment retransmission bug.
2009-06-05 14:46:49 +00:00
Dr. Stephen Henson
e1f09dfd84
PR: 1921
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve@openssl.org
Add ECDHE and PSK support to DTLS.
2009-05-31 17:11:24 +00:00
Dr. Stephen Henson
d6584eba8c
PR: 1922
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Timer bug fix.
2009-05-15 22:58:13 +00:00
Dr. Stephen Henson
b452f43322
PR: 1751
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org
Compatibility patches for Cisco VPN client DTLS.
2009-04-19 18:03:13 +00:00
Dr. Stephen Henson
aab790a656
PR: 1829
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Timer Bug fix.
2009-04-14 14:33:12 +00:00
Dr. Stephen Henson
1319aad994
PR: 1647
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Update patch for PR#1647.
2009-04-14 14:22:26 +00:00
Bodo Möller
e65bcbcef0
Fix SSL state transitions.
...
Submitted by: Nagendra Modadugu
2008-09-14 14:02:07 +00:00
Geoff Thorpe
1e26a8baed
Fix a variety of warnings generated by some elevated compiler-fascism,
...
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Andy Polyakov
a2115c5d17
Respect cookie length set by app_gen_cookie_cb.
...
Submitted by: Alex Lam
2007-10-09 19:31:18 +00:00
Andy Polyakov
0d97d00b6c
DTLS RFC4347 says HelloVerifyRequest resets Finished MAC.
2007-09-30 19:34:36 +00:00
Andy Polyakov
7432d073af
Switch to RFC-compliant version encoding in DTLS.
2007-09-30 18:53:54 +00:00
Bodo Möller
08111768a2
fix warning
2007-09-19 01:43:59 +00:00
Dr. Stephen Henson
c81898cbc4
Update from stable branch.
2007-09-17 17:31:53 +00:00
Dr. Stephen Henson
81025661a9
Update ssl code to support digests other than MD5+SHA1 in handshake.
...
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
2007-08-31 12:42:53 +00:00
Bodo Möller
7e69565fe6
fix warnings/inconsistencies caused by the recent changes to the
...
ciphersuite selection code in HEAD
Submitted by: Victor Duchovni
2007-02-19 14:53:18 +00:00
Bodo Möller
52b8dad8ec
Reorganize the data used for SSL ciphersuite pattern matching.
...
This change resolves a number of problems and obviates multiple kludges.
A new feature is that you can now say "AES256" or "AES128" (not just
"AES", which enables both).
In some cases the ciphersuite list generated from a given string is
affected by this change. I hope this is just in those cases where the
previous behaviour did not make sense.
2007-02-17 06:45:38 +00:00
Bodo Möller
89bbe14c50
Ciphersuite string bugfixes, and ECC-related (re-)definitions.
2006-06-14 17:40:31 +00:00
Dr. Stephen Henson
7bbcb2f690
Avoid warnings on VC++ 2005.
2005-12-05 17:21:22 +00:00
Dr. Stephen Henson
09b6c2ef15
Make OPENSSL_NO_COMP compile again.
2005-09-30 23:35:33 +00:00
Nils Larsch
4ebb342fcd
Let the TLSv1_method() etc. functions return a const SSL_METHOD
...
pointer and make the SSL_METHOD parameter in SSL_CTX_new,
SSL_CTX_set_ssl_version and SSL_set_ssl_method const.
2005-08-14 21:48:33 +00:00