Bodo Möller
a288aaefc4
Assorted bugfixes:
...
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check
Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
2011-02-03 12:03:57 +00:00
Bodo Möller
346601bc32
CVE-2010-4180 fix (from OpenSSL_1_0_0-stable)
2011-02-03 10:42:00 +00:00
Dr. Stephen Henson
e1435034ae
FIPS_allow_md5() no longer exists and is no longer required
2011-01-26 12:25:51 +00:00
Dr. Stephen Henson
4577b38d22
Don't use decryption_failed alert for TLS v1.1 or later.
2011-01-04 19:39:42 +00:00
Dr. Stephen Henson
a8515e2d28
Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
...
alert.
2011-01-04 19:33:30 +00:00
Richard Levitte
90d02be7c5
First attempt at adding the possibility to set the pointer size for the builds on VMS.
...
PR: 2393
2010-12-14 19:18:58 +00:00
Dr. Stephen Henson
6c36ca4628
PR: 2240
...
Submitted by: Jack Lloyd <lloyd@randombit.net>, "Mounir IDRASSI" <mounir.idrassi@idrix.net>, steve
Reviewed by: steve
As required by RFC4492 an absent supported points format by a server is
not an error: it should be treated as equivalent to an extension only
containing uncompressed.
2010-11-25 12:27:39 +00:00
Dr. Stephen Henson
9c61c57896
using_ecc doesn't just apply to TLSv1
2010-11-25 11:51:46 +00:00
Dr. Stephen Henson
95eef4df79
use generalised mac API for SSL key generation
2010-11-24 13:17:48 +00:00
Dr. Stephen Henson
a25c98ac73
remove duplicate statement
2010-11-18 17:33:44 +00:00
Dr. Stephen Henson
2d1e9ce753
oops, reinstate TLSv1 string
2010-11-17 18:16:57 +00:00
Dr. Stephen Henson
6e21ce592e
fix CVE-2010-3864
2010-11-17 17:36:29 +00:00
Dr. Stephen Henson
1a8ecda3ee
Only use explicit IV if cipher is in CBC mode.
2010-11-14 17:47:21 +00:00
Dr. Stephen Henson
d36c7b618d
Get correct GOST private key instead of just assuming the last one is
...
correct: this isn't always true if we have more than one certificate.
2010-11-14 13:50:42 +00:00
Dr. Stephen Henson
3fa29765fd
PR: 2314
...
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve
Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
2010-10-10 12:27:19 +00:00
Dr. Stephen Henson
36778eb231
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix other cases not covered by original patch. (correct patch this time!)
2010-08-27 12:12:07 +00:00
Dr. Stephen Henson
c6dd154b3e
oops, revert previous patch
2010-08-27 12:10:12 +00:00
Dr. Stephen Henson
35cae95032
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix other cases not covered by original patch.
2010-08-27 11:57:42 +00:00
Bodo Möller
02ba02604c
Patch from PR #1833 was broken: there's no s->s3->new_session
...
(only s->new_session).
2010-08-26 14:54:18 +00:00
Dr. Stephen Henson
48ae85b6ff
PR: 1833
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Support for abbreviated handshakes when renegotiating.
2010-08-26 14:22:40 +00:00
Dr. Stephen Henson
53e7985c8d
PR: 1830
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson
Support for RFC5705 key extractor.
2010-07-18 17:39:46 +00:00
Dr. Stephen Henson
28566b4966
no need for empty fragments with TLS 1.1 and later due to explicit IV
2010-06-27 14:42:43 +00:00
Dr. Stephen Henson
b4b15f68c0
Backport TLS v1.1 support from HEAD, ssl/ changes
2010-06-27 14:22:11 +00:00
Dr. Stephen Henson
e97359435e
Fix warnings (From HEAD, original patch by Ben).
2010-06-15 17:25:15 +00:00
Dr. Stephen Henson
72240ab31a
PR: 2259
...
Submitted By: Artem Chuprina <ran@cryptocom.ru>
Check return values of HMAC in tls_P_hash and tls1_generate_key_block.
Although the previous version could in theory crash that would only happen if a
digest call failed. The standard software methods can never fail and only one
ENGINE currently uses digests and it is not compiled in by default.
2010-05-17 11:26:56 +00:00
Dr. Stephen Henson
8c1e7de6cb
PR: 2230
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix bug in bitmask macros and stop warnings.
2010-05-03 13:01:50 +00:00
Dr. Stephen Henson
9f827ded1c
fix signed/unsigned comparison warnings
2010-04-14 00:41:01 +00:00
Dr. Stephen Henson
1507f3abba
PR: 2230
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix various DTLS fragment reassembly bugs.
2010-04-14 00:17:29 +00:00
Dr. Stephen Henson
30e8defe52
PR: 2229
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Don't drop DTLS connection if mac or decryption failed.
2010-04-14 00:09:55 +00:00
Dr. Stephen Henson
9f4dd3e3e3
PR: 2228
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS buffer record MAC failure bug.
2010-04-14 00:03:13 +00:00
Richard Levitte
d2f098b33d
Spelling
2010-04-13 14:34:48 +00:00
Richard Levitte
0a4fe6c8db
Undo the previous change, it was incorrect in this branch.
2010-04-13 11:10:07 +00:00
Richard Levitte
7bba401d5d
Third argument to dtls1_buffer_record is by reference
2010-04-13 08:41:58 +00:00
Dr. Stephen Henson
acc9938ba5
Add SHA2 algorithms to SSL_library_init(). Although these aren't used
...
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.
Update docs.
2010-04-07 13:18:30 +00:00
Dr. Stephen Henson
6dfd3cf68e
PR: 2218
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS replay bug.
2010-04-06 12:44:55 +00:00
Dr. Stephen Henson
073775cbbb
PR: 2219
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS buffering bug.
2010-04-06 12:40:10 +00:00
Dr. Stephen Henson
e995d5044e
PR: 2223
...
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>
Fixes for DTLS timeout bug
2010-04-06 12:29:21 +00:00
Bodo Möller
5b5464d525
Fix for "Record of death" vulnerability CVE-2010-0740.
...
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010).
2010-03-25 11:22:42 +00:00
Dr. Stephen Henson
7b52778eff
PR: 1731 and maybe 2197
...
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
2010-03-24 23:16:49 +00:00
Dr. Stephen Henson
47333a34d5
Submitted by: Tomas Hoger <thoger@redhat.com>
...
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
2010-03-03 15:41:00 +00:00
Dr. Stephen Henson
90278430d9
make USE_CRYPTODEV_DIGESTS work
2010-03-01 01:19:36 +00:00
Dr. Stephen Henson
79363339b7
algorithms field has changed in 1.0.0 and later: update
2010-02-28 00:24:24 +00:00
Dr. Stephen Henson
fbe2c6b33e
Add Kerberos fix which was in 0.9.8-stable but never committed to HEAD and
...
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos
ciphersuite bugs introduced with PR:1336."
2010-02-27 23:04:10 +00:00
Dr. Stephen Henson
8321bab39c
OR default SSL_OP_LEGACY_SERVER_CONNECT so existing options are preserved
2010-02-17 19:43:46 +00:00
Dr. Stephen Henson
989238802a
Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
...
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
2010-02-17 18:38:10 +00:00
Dr. Stephen Henson
45d6a15ae9
PR: 2171
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Since SSLv2 doesn't support renegotiation at all don't reject it if
legacy renegotiation isn't enabled.
Also can now use SSL2 compatible client hello because RFC5746 supports it.
2010-02-16 14:20:40 +00:00
Dr. Stephen Henson
8b354e776b
PR: 2161
...
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.
Make no-dsa, no-ecdsa and no-rsa compile again.
2010-02-02 13:36:05 +00:00
Dr. Stephen Henson
868f5e44ca
PR: 2160
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Make session tickets work with DTLS.
2010-02-01 16:49:42 +00:00
Dr. Stephen Henson
4e5fdd11ea
PR: 2159
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Typo in PR#1949 bug, oops!
2010-02-01 12:44:11 +00:00
Dr. Stephen Henson
57749b1b9f
PR: 1949
...
Submitted by: steve@openssl.org
More robust fix and workaround for PR#1949. Don't try to work out if there
is any write pending data as this can be unreliable: always flush.
2010-01-26 19:46:30 +00:00
Dr. Stephen Henson
f4f2b52995
oops
2010-01-26 13:56:15 +00:00
Dr. Stephen Henson
c7d5edbf5e
export OPENSSL_isservice and make update
2010-01-26 13:55:33 +00:00
Richard Levitte
c8ca769d3b
Compile t1_reneg on VMS as well.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:19:33 +00:00
Dr. Stephen Henson
a377811f15
PR: 2153, 2125
...
Submitted by: steve@openssl.org
The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
2010-01-24 16:57:38 +00:00
Dr. Stephen Henson
ef1b6b2cf2
The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING
...
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
2010-01-24 13:54:07 +00:00
Dr. Stephen Henson
ad8ee3d7d1
If legacy renegotiation is not permitted then send a fatal alert if a patched
...
server attempts to renegotiate with an unpatched client.
2010-01-22 18:49:19 +00:00
Dr. Stephen Henson
2a4d0dcb89
The use of NIDs in the password based encryption table can result in
...
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
2010-01-19 19:55:47 +00:00
Dr. Stephen Henson
04aa7441ab
PR: 2144
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Better fix for PR#2144
2010-01-19 19:11:21 +00:00
Dr. Stephen Henson
ddba003d5e
PR: 2144
...
Submitted by: steve@openssl.org
Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
2010-01-16 19:45:59 +00:00
Dr. Stephen Henson
e59d9a34c9
PR: 2133
...
Submitted by: steve@openssl.org
Add missing DTLS state strings.
2010-01-16 19:20:38 +00:00
Dr. Stephen Henson
8043f01b13
PR: 2125
...
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>
Fix gcc-aix compilation issue.
2010-01-14 17:51:52 +00:00
Dr. Stephen Henson
41c0f68630
Fix version handling so it can cope with a major version >3.
...
Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.
2010-01-13 19:08:29 +00:00
Dr. Stephen Henson
73ff97ad76
Simplify RI+SCSV logic:
...
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
2010-01-07 19:05:03 +00:00
Dr. Stephen Henson
eb17330837
Updates to conform with draft-ietf-tls-renegotiation-03.txt:
...
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:38 +00:00
Dr. Stephen Henson
1f67a3a985
compress_meth should be unsigned
2010-01-05 16:46:39 +00:00
Dr. Stephen Henson
4cba294d79
Client side compression algorithm sanity checks: ensure old compression
...
algorithm matches current and give error if compression is disabled and
server requests it (shouldn't happen unless server is broken).
2010-01-01 14:39:51 +00:00
Dr. Stephen Henson
e642fd7a1c
Compression handling on session resume was badly broken: it always
...
used compression algorithms in client hello (a legacy from when
the compression algorithm wasn't serialized with SSL_SESSION).
2010-01-01 00:44:36 +00:00
Dr. Stephen Henson
986093affa
Typo
2009-12-27 23:03:25 +00:00
Dr. Stephen Henson
f88e0acb0e
Update RI to match latest spec.
...
MCSV is now called SCSV.
Don't send SCSV if renegotiating.
Also note if RI is empty in debug messages.
2009-12-27 22:59:09 +00:00
Dr. Stephen Henson
54bc369ad7
Alert to use is now defined in spec: update code
2009-12-17 15:42:43 +00:00
Dr. Stephen Henson
675564835c
New option to enable/disable connection to unpatched servers
2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
2456cd58c4
Allow initial connection (but no renegoriation) to servers which don't support
...
RI.
Reorganise RI checking code and handle some missing cases.
2009-12-14 13:55:39 +00:00
Ben Laurie
43a107026d
Missing error code.
2009-12-12 15:57:53 +00:00
Dr. Stephen Henson
f1784f2fd2
Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL
2009-12-11 00:20:58 +00:00
Dr. Stephen Henson
b41a614686
Check s3 is not NULL
2009-12-09 14:53:51 +00:00
Dr. Stephen Henson
52a08e90d1
Add ctrls to clear options and mode.
...
Change RI ctrl so it doesn't clash.
2009-12-09 13:25:38 +00:00
Dr. Stephen Henson
6b5f0458fe
Send no_renegotiation alert as required by spec.
2009-12-08 19:06:09 +00:00
Dr. Stephen Henson
b52a2738d4
Add ctrl and macro so we can determine if peer support secure renegotiation.
2009-12-08 13:42:32 +00:00
Dr. Stephen Henson
10f99d7b77
Add support for magic cipher suite value (MCSV). Make secure renegotiation
...
work in SSLv3: initial handshake has no extensions but includes MCSV, if
server indicates RI support then renegotiation handshakes include RI.
NB: current MCSV value is bogus for testing only, will be updated when we
have an official value.
Change mismatch alerts to handshake_failure as required by spec.
Also have some debugging fprintfs so we can clearly see what is going on
if OPENSSL_RI_DEBUG is set.
2009-12-08 13:15:12 +00:00
Dr. Stephen Henson
593222afe1
PR: 2121
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Add extension support to DTLS code mainly using existing implementation for
TLS.
2009-12-08 11:38:18 +00:00
Dr. Stephen Henson
d5b8c46499
PR: 2115
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
2009-12-01 17:41:42 +00:00
Dr. Stephen Henson
3e8e12a6b6
Servers can't end up talking SSLv2 with legacy renegotiation disabled
2009-11-18 15:09:35 +00:00
Dr. Stephen Henson
5ddbb8f41a
Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation
2009-11-18 14:45:32 +00:00
Dr. Stephen Henson
3c44e92bcb
Include a more meaningful error message when rejecting legacy renegotiation
2009-11-18 14:19:52 +00:00
Dr. Stephen Henson
73582b8117
add missing parts of reneg port, fix apps patch
2009-11-11 14:51:29 +00:00
Dr. Stephen Henson
56327ebe6a
make update
2009-11-10 13:23:04 +00:00
Dr. Stephen Henson
ec4346f6f9
oops, add missing prototypes
2009-11-09 18:58:50 +00:00
Dr. Stephen Henson
bc9058d041
First cut of renegotiation extension. (port to 1.0.0-stable)
2009-11-09 18:45:42 +00:00
Dr. Stephen Henson
e3738c49b8
If it is a new session don't send the old TLS ticket: send a zero length
...
ticket to request a new session.
2009-11-08 14:36:32 +00:00
Dr. Stephen Henson
23b97c6bb5
PR: 2089
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Fragment size bug fix.
2009-11-02 13:37:17 +00:00
Dr. Stephen Henson
036b3f331b
Generate stateless session ID just after the ticket is received instead
...
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
2009-10-30 14:06:18 +00:00
Dr. Stephen Henson
3d0b604c14
Fix statless session resumption so it can coexist with SNI
2009-10-30 13:22:44 +00:00
Dr. Stephen Henson
257b2bfb6c
Don't attempt session resumption if no ticket is present and session
...
ID length is zero.
2009-10-28 19:52:35 +00:00
Dr. Stephen Henson
a9bb9d0eb4
PR: 2072
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Avoid potential doublefree and reuse of freed handshake_buffer.
2009-10-16 15:24:19 +00:00
Dr. Stephen Henson
cc6688d796
PR: 2073
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Don't access freed SSL_CTX in SSL_free().
2009-10-16 13:41:52 +00:00
Dr. Stephen Henson
ad187f8905
Fix unitialized warnings
2009-10-04 16:52:35 +00:00
Dr. Stephen Henson
3d1dab4404
PR: 2055
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_ctrl error handling in s2_srvr.c
2009-10-01 00:07:10 +00:00
Dr. Stephen Henson
29c2fd46d2
PR: 2054
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_ctrl error handling
2009-10-01 00:03:50 +00:00
Dr. Stephen Henson
af3d4e1b02
PR: 2039
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen bug fix,
2009-09-15 22:48:30 +00:00
Dr. Stephen Henson
80afb40ae3
Submitted by: Julia Lawall <julia@diku.dk>
...
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:27:27 +00:00
Dr. Stephen Henson
a131de9bb2
PR: 2025
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Constify SSL_CIPHER_description
2009-09-12 23:18:09 +00:00
Dr. Stephen Henson
0ddd002f60
PR: 1411
...
Submitted by: steve@openssl.org
Allow use of trusted certificates in SSL_CTX_use_chain_file()
2009-09-12 23:09:26 +00:00
Dr. Stephen Henson
53f062d050
PR: 2033
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen support.
2009-09-09 17:05:42 +00:00
Dr. Stephen Henson
9769137a43
Typo presumably...
2009-09-06 17:55:40 +00:00
Dr. Stephen Henson
c0688f1aef
Make update, deleting bogus DTLS error code
2009-09-06 15:55:54 +00:00
Dr. Stephen Henson
2e9802b7a7
PR: 2028
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS cookie management bugs.
2009-09-04 17:42:06 +00:00
Dr. Stephen Henson
54ed003ace
PR: 2009
...
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org
Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
2009-09-02 13:20:22 +00:00
Dr. Stephen Henson
f18e10253d
PR: 2022
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS record header length bug.
2009-09-02 12:53:32 +00:00
Dr. Stephen Henson
17f8d8db61
PR: 2006
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Do not use multiple DTLS records for a single user message
2009-08-26 11:51:23 +00:00
Richard Levitte
3798c36686
Include proper header files for time functions.
...
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
2009-08-25 07:10:09 +00:00
Dr. Stephen Henson
5a96822f2c
Update default dependency flags.
...
Make error name discrepancies a fatal error.
Fix error codes.
make update
2009-08-12 17:08:44 +00:00
Dr. Stephen Henson
a4bade7aac
PR: 1997
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
2009-08-12 13:21:26 +00:00
Dr. Stephen Henson
f45e8c7bdd
PR: 2000
...
Submitted by: Vadim Zeitlin <vz-openssl@zeitlins.org>
Approved by: steve@openssl.org
Make no-comp compile without warnings.
2009-08-05 15:29:14 +00:00
Dr. Stephen Henson
d7406b1528
PR: 1993
...
Fix from 0.9.8-stable.
2009-07-24 11:52:32 +00:00
Dr. Stephen Henson
5135d6b985
Fix error codes and indentation.
2009-07-15 11:32:58 +00:00
Dr. Stephen Henson
c8f759ec74
Stop warning of signed/unsigned compare.
2009-07-14 15:28:44 +00:00
Dr. Stephen Henson
cddd00166c
PR: 1984
...
Submitted by: Michael Tüxen <Michael.Tuexen@lurchi.franken.de>
Approved by: steve@openssl.org
Don't concatenate reads in DTLS.
2009-07-13 11:44:04 +00:00
Dr. Stephen Henson
c155d83f5b
Delete MD2 from algorithm tables and default compilation.
2009-07-08 08:50:53 +00:00
Dr. Stephen Henson
5a03e3ac3f
Fix from HEAD.
2009-07-04 12:05:14 +00:00
Dr. Stephen Henson
08b2097967
Update from HEAD.
2009-07-04 11:44:01 +00:00
Dr. Stephen Henson
2b3cd246e5
PR: 1962
...
Submitted by: Daniel Mentz <daniel.m@sent.com>
Reviewed by: steve@openssl.org
Fix "for dtls1_get_record() returns a bad record in one edge case" bug.
2009-07-01 11:29:01 +00:00
Dr. Stephen Henson
76ec9151d1
Update from 0.9.8-stable.
2009-06-30 22:26:28 +00:00
Dr. Stephen Henson
6c24dd9005
Typo.
2009-06-30 20:55:55 +00:00
Dr. Stephen Henson
29b0c4a01c
Add "missing" functions for setting all verify parameters for SSL_CTX and SSL
...
structures.
2009-06-30 11:57:24 +00:00
Dr. Stephen Henson
b824f0f458
Redundant check: s->param is always non-NULL, it is set in SSL_new().
2009-06-30 11:41:35 +00:00
Dr. Stephen Henson
43ea53a04a
Inherit parameters properly in SSL contexts: any parameters set should
...
replace those in the current list.
2009-06-30 11:21:00 +00:00
Dr. Stephen Henson
dbb834ffeb
Update from 0.9.8-stable.
2009-06-28 16:24:11 +00:00
Dr. Stephen Henson
887c250852
Update from 0.9.8-stable.
2009-06-26 15:04:22 +00:00
Dr. Stephen Henson
0cb76e79df
PR: 1748
...
Fix nasty SSL BIO pop bug. Since this changes the behaviour of SSL BIOs and
will break applications that worked around the bug only included in 1.0.0 and
later.
2009-06-25 11:26:45 +00:00
Dr. Stephen Henson
72d668c332
Update from HEAD.
2009-06-24 13:30:07 +00:00
Dr. Stephen Henson
3492c47b18
Update from HEAD.
2009-06-17 11:38:26 +00:00
Dr. Stephen Henson
85d9b02d16
Update from HEAD.
2009-06-16 16:55:01 +00:00
Dr. Stephen Henson
bfd502f027
Updates from HEAD.
2009-06-16 16:39:20 +00:00
Ben Laurie
6cfab29b71
Make depend.
2009-06-14 02:37:22 +00:00
Dr. Stephen Henson
55708796af
Update from HEAD.
2009-06-13 20:47:09 +00:00
Dr. Stephen Henson
7074f1df07
Stop gcc bracket warning.
2009-06-05 14:57:10 +00:00
Dr. Stephen Henson
4e63da0669
PR: 1950
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve@openssl.org
DTLS fragment retransmission bug.
2009-06-05 14:46:49 +00:00
Dr. Stephen Henson
4e66723517
Update from HEAD.
2009-06-02 11:23:30 +00:00
Dr. Stephen Henson
e1f09dfd84
PR: 1921
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve@openssl.org
Add ECDHE and PSK support to DTLS.
2009-05-31 17:11:24 +00:00
Dr. Stephen Henson
6e87cc8da6
Need definition of struct timeval for dtls1.h which broke WIN32 builds,
...
so include winsock.h. (might be a cleaner way to do this...)
2009-05-28 20:53:16 +00:00
Dr. Stephen Henson
cc1cb996f1
Submitted by: Artem Chuprina <ran@cryptocom.ru>
...
Reviewed by: steve@openssl.org
Fix to match latest GOST in TLS draft.
2009-05-28 18:10:47 +00:00
Dr. Stephen Henson
0454f2c490
PR: 1929
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org
Updated DTLS MTU bug fix.
2009-05-17 16:04:21 +00:00
Dr. Stephen Henson
abda7c1147
PR: 1931
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix fragment handling memory leak.
2009-05-16 16:22:11 +00:00
Dr. Stephen Henson
88b48dc680
PR: 1930
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Limit size of DTLS record buffer queue.
2009-05-16 16:17:46 +00:00
Dr. Stephen Henson
661d35dfb2
Disable ECDHE in DTLS in a cleaner way.
2009-05-16 11:16:15 +00:00
Dr. Stephen Henson
f99c9daa39
Make the stuff compile again, fix missing prototype warnings.
2009-05-16 11:14:55 +00:00
Dr. Stephen Henson
d6584eba8c
PR: 1922
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Timer bug fix.
2009-05-15 22:58:13 +00:00
Richard Levitte
006c7c6bb1
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
...
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
2009-05-15 16:37:08 +00:00
Dr. Stephen Henson
b3620451b2
PR: 1921
...
Submitted by: steve@openssl.org
Our DTLS implementation doesn't currently handle ECDHE so don't include
unsupported ciphers in client hello.
2009-05-13 16:25:35 +00:00
Dr. Stephen Henson
d2f17d9615
Print out DTLS versions too.
2009-05-13 16:24:12 +00:00
Dr. Stephen Henson
561cbe5678
PR: 1923
...
Submitted by: Daniel Mentz <daniel.m@sent.com>, Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Don't access freed data structure.
2009-05-13 11:51:30 +00:00
Dr. Stephen Henson
4e50f02638
If an SSLv2 method is explicitly asked for use the SSLv2 cipher string:
...
assume an application *really* wants SSLv2 if they do that.
Otherwise stick with the default which excludes all SSLv2 cipher suites.
2009-04-29 14:12:54 +00:00
Dr. Stephen Henson
174ea15647
Typo.
2009-04-28 22:35:42 +00:00
Dr. Stephen Henson
18f8258a87
PR: 1629
...
Submitted by: Kaspar Brand <ossl-rt@velox.ch>
Approved by: steve@openssl.org
Don't use extensions if using SSLv3: this chokes some broken servers.
2009-04-28 22:01:53 +00:00
Dr. Stephen Henson
82ae57136b
Some no-ec fixes (not complete yet).
2009-04-23 15:24:27 +00:00
Dr. Stephen Henson
b61a84c8e6
Fix WIN32 warnings.
2009-04-22 15:40:54 +00:00
Dr. Stephen Henson
a543ea44bc
Fix WIN32 warning.
2009-04-22 12:17:02 +00:00
Dr. Stephen Henson
b0dd3d1b94
Another kerberos fix.
2009-04-21 22:30:54 +00:00
Dr. Stephen Henson
21fb688d26
Some fixes for kerberos builds.
2009-04-21 22:20:12 +00:00
Dr. Stephen Henson
dfc8e96daa
Fix warning.
2009-04-21 15:11:59 +00:00
Dr. Stephen Henson
b452f43322
PR: 1751
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org
Compatibility patches for Cisco VPN client DTLS.
2009-04-19 18:03:13 +00:00
Dr. Stephen Henson
9990cb75c1
PR: 1894
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Fix various typos and stuff.
2009-04-16 17:22:51 +00:00
Dr. Stephen Henson
a5cc69c7ae
PR: 1900
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Remove unnecessary included header file.
2009-04-16 16:42:02 +00:00
Dr. Stephen Henson
c900a78c99
PR: 1828
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Updated DTLS Rentransmission bug patch.
2009-04-15 14:49:36 +00:00
Dr. Stephen Henson
46ffb2dc97
PR #1828 reverted: state save/restore incompatible with 1.0.0-stable.
2009-04-14 15:29:34 +00:00
Dr. Stephen Henson
aab790a656
PR: 1829
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Timer Bug fix.
2009-04-14 14:33:12 +00:00
Dr. Stephen Henson
1319aad994
PR: 1647
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Update patch for PR#1647.
2009-04-14 14:22:26 +00:00
Dr. Stephen Henson
3c0ce01cea
PR: 1827
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Updated patch for PR #1827
2009-04-14 14:20:57 +00:00
Dr. Stephen Henson
9fcbefebdb
PR: 1828
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Update from 0.9.8-stable.
2009-04-14 14:19:46 +00:00
Dr. Stephen Henson
017d2a887f
PR: 1838
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Updated patch from 0.9.8-stable.
2009-04-14 14:18:16 +00:00
Dr. Stephen Henson
9ae5743515
Disable SSLv2 cipher suites by default and avoid SSLv2 compatible client
...
hello if no SSLv2 cipher suites are included. This effectively disables
the broken SSLv2 use by default.
2009-04-07 17:01:07 +00:00
Dr. Stephen Henson
c184b140df
Update from 0.9.8-stable.
2009-04-07 16:30:32 +00:00
Dr. Stephen Henson
9d80aa7e3f
Update from 0.9.8-stable
2009-04-07 12:10:59 +00:00
Dr. Stephen Henson
c9a1778134
Fix error codes.
2009-04-05 11:54:34 +00:00
Dr. Stephen Henson
2dd5ca1fbc
Make no-ssl2 work including on Win32 builds.
2009-04-04 17:57:34 +00:00
Dr. Stephen Henson
c6196da587
Update from 0.9.8-stable.
2009-04-02 22:28:52 +00:00
Dr. Stephen Henson
78625cac82
Submitted by: Victor Duchovni <Victor.Duchovni@morganstanley.com>
...
Reviewed by: steve@openssl.org
Check return value of sk_SSL_COMP_find() properly.
2009-03-12 17:30:29 +00:00
Ben Laurie
7587347bc4
Fix memory leak.
2009-02-23 16:40:59 +00:00
Ben Laurie
b3f3407850
Use new common flags and fix resulting warnings.
2009-02-15 14:08:51 +00:00
Dr. Stephen Henson
477fd4596f
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:49:38 +00:00
Bodo Möller
d8e8fc4803
Put back a variable deleted by the previous revision,
...
but used in the code.
2009-02-01 01:08:13 +00:00
Richard Levitte
c7ba21493a
Hopefully resolve signed vs unsigned issue.
2009-01-28 07:09:23 +00:00
Dr. Stephen Henson
d7ecd42255
Fix warnings properly this time ;-)
2009-01-11 20:34:23 +00:00
Dr. Stephen Henson
211655fcdd
Fix sign-compare warnings.
2009-01-11 15:58:51 +00:00
Dr. Stephen Henson
bab534057b
Updatde from stable branch.
2009-01-07 23:44:27 +00:00
Lutz Jänicke
fceac0bc74
Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP
...
Some #include statements were not properly protected. This will go unnoted
on most systems as openssl/comp.h tends to be installed as a system header
file by default but may become visible when cross compiling.
2009-01-05 14:43:05 +00:00
Ben Laurie
4a94003a51
srvr_ecdh cannot be NULL at this point (Coverity ID 232).
2009-01-02 12:49:07 +00:00
Ben Laurie
d41c785d69
Document dead code.
2008-12-30 13:02:02 +00:00
Ben Laurie
2bd45dc94c
Apparently s->ctx could be NULL. (Coverity ID 147).
2008-12-29 16:15:27 +00:00
Ben Laurie
121f9e743c
Apparently s->ctx could be NULL at this point (see earlier
...
test). (Coverity ID 148).
2008-12-29 16:13:49 +00:00
Ben Laurie
0eab41fb78
If we're going to return errors (no matter how stupid), then we should
...
test for them!
2008-12-29 16:11:58 +00:00
Ben Laurie
8aa02e97a7
Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
...
(Coverity ID 135).
2008-12-29 13:35:08 +00:00
Ben Laurie
85e878f224
Die earlier if hash is NULL. (Coverity IDs 137 & 138).
2008-12-29 11:54:56 +00:00
Ben Laurie
fe1c7fecf1
Reverse incorrect earlier fix.
2008-12-29 11:47:08 +00:00
Ben Laurie
0e941da6fa
Die earlier if we have no hash function.
2008-12-29 11:46:44 +00:00
Ben Laurie
9b9cb004f7
Deal with the unlikely event that EVP_MD_CTX_size() returns an error.
...
(Coverity ID 140).
2008-12-27 02:09:24 +00:00
Ben Laurie
6ba71a7173
Handle the unlikely event that BIO_get_mem_data() returns -ve.
2008-12-27 02:00:38 +00:00
Dr. Stephen Henson
70531c147c
Make no-engine work again.
2008-12-20 17:04:40 +00:00
Ben Laurie
a9dbe71ee0
Back out pointless change.
2008-12-13 17:45:49 +00:00
Ben Laurie
ecd3370ba0
*** empty log message ***
2008-12-13 17:45:27 +00:00
Dr. Stephen Henson
349e78e2e8
Stop warning about different const qualifiers.
2008-11-24 17:39:42 +00:00
Ben Laurie
f3b7bdadbc
Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks.
2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
12bf56c017
PR: 1574
...
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org
Ticket override support for EAP-FAST.
2008-11-15 17:18:12 +00:00
Ben Laurie
774b2fe700
Aftermath of a clashing size_t fix (now only format changes).
2008-11-13 09:48:47 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
7b808412c9
Make -DKSSL_DEBUG work again.
2008-11-10 19:08:37 +00:00
Dr. Stephen Henson
c76fd290be
Fix warnings about mismatched prototypes, undefined size_t and value computed
...
not used.
2008-11-02 12:50:48 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Ben Laurie
bfaead2b12
Fix warning.
2008-10-29 05:10:09 +00:00
Dr. Stephen Henson
ab7e09f59b
Win32 fixes... add new directory to build system. Fix warnings.
2008-10-27 12:31:13 +00:00
Dr. Stephen Henson
e19106f5fb
Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros
...
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.
This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
2008-10-22 15:43:01 +00:00
Dr. Stephen Henson
606f6c477a
Fix a shed load or warnings:
...
Duplicate const.
Use of ; outside function.
2008-10-20 15:12:00 +00:00
Lutz Jänicke
b8dfde2a36
Remove the DTLS1_BAD_VER thing from 0.9.9-dev. It is present in 0.9.8
...
but has been omitted from HEAD (0.9.9), see commit
http://cvs.openssl.org/chngview?cn=16627
by appro.
2008-10-13 06:45:59 +00:00
Lutz Jänicke
570006f3a2
Half of the commit for 0.9.8 as the bitmap handling has changed.
...
(Firstly... ommitted)
Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-13 06:43:03 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Ben Laurie
6665ef303e
Add missing DTLS1_BAD_VER (hope I got the value right).
2008-10-12 14:04:34 +00:00
Lutz Jänicke
7e7af0bc51
When the underlying BIO_write() fails to send a datagram, we leave the
...
offending record queued as 'pending'. The DTLS code doesn't expect this,
and we end up hitting an OPENSSL_assert() in do_dtls1_write().
The simple fix is just _not_ to leave it queued. In DTLS, dropping
packets is perfectly acceptable -- and even preferable. If we wanted a
service with retries and guaranteed delivery, we'd be using TCP.
PR: #1703
Submitted by: David Woodhouse <dwmw2@infradead.org>
2008-10-10 10:41:35 +00:00
Bodo Möller
837f2fc7a4
Make sure that SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG can't
...
enable disabled ciphersuites.
2008-09-22 21:22:47 +00:00
Bodo Möller
96562f2fb3
update comment
2008-09-14 19:50:55 +00:00
Bodo Möller
fcbdde0dfe
oops
2008-09-14 18:16:07 +00:00
Andy Polyakov
51ec776b7d
dtls1_write_bytes consumers expect amount of bytes written per call, not
...
overall.
PR: 1604
2008-09-14 17:56:15 +00:00
Bodo Möller
e65bcbcef0
Fix SSL state transitions.
...
Submitted by: Nagendra Modadugu
2008-09-14 14:02:07 +00:00
Bodo Möller
f8d6be3f81
Some precautions to avoid potential security-relevant problems.
2008-09-14 13:42:34 +00:00
Andy Polyakov
d493899579
DTLS didn't handle alerts correctly.
...
PR: 1632
2008-09-13 18:24:38 +00:00
Dr. Stephen Henson
3ad74edce8
Add SSL_FIPS flag for FIPS 140-2 approved ciphersuites and add a new
...
strength "FIPS" to represent all FIPS approved ciphersuites without NULL
encryption.
2008-09-10 16:02:09 +00:00
Dr. Stephen Henson
e8da6a1d0f
Fix from stable branch.
2008-09-03 22:17:11 +00:00
Dr. Stephen Henson
305514000c
Do not discard cached handshake records during resumed sessions:
...
they are used for mac computation.
2008-09-03 12:36:16 +00:00
Dr. Stephen Henson
0702150f53
Make no-tlsext compile.
2008-09-03 12:29:57 +00:00
Bodo Möller
1cbf663a6c
sanity check
...
PR: 1679
2008-08-13 19:45:06 +00:00
Geoff Thorpe
4c3296960d
Remove the dual-callback scheme for numeric and pointer thread IDs,
...
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).
Thanks to Bodo, for invaluable review and feedback.
2008-08-06 15:54:15 +00:00
Geoff Thorpe
99649b5990
Fix signed/unsigned warning.
2008-08-05 17:48:02 +00:00
Bodo Möller
474b3b1cc8
Fix error codes for memory-saving patch.
...
Also, get rid of compile-time switch OPENSSL_NO_RELEASE_BUFFERS
because it was rather pointless (the new behavior has to be explicitly
requested by setting SSL_MODE_RELEASE_BUFFERS anyway).
2008-08-04 22:10:38 +00:00
Dr. Stephen Henson
d4cdbab99b
Avoid warnings with -pedantic, specifically:
...
Conversion between void * and function pointer.
Value computed not used.
Signed/unsigned argument.
2008-07-04 23:12:52 +00:00
Geoff Thorpe
5f834ab123
Revert my earlier CRYPTO_THREADID commit, I will commit a reworked
...
version some time soon.
2008-07-03 19:59:25 +00:00
Dr. Stephen Henson
7555c9337f
Update from stable branch.
2008-06-05 15:13:45 +00:00
Dr. Stephen Henson
0b44c26d78
Remove test fprintf.
2008-06-04 22:39:05 +00:00
Dr. Stephen Henson
4db9677bac
Compilation option to use a specific ssl client auth engine automatically.
2008-06-04 22:34:38 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
59d2d48f64
Add support for client cert engine setting in s_client app.
...
Add appropriate #ifdefs round client cert functions in headers.
2008-06-03 11:26:27 +00:00
Dr. Stephen Henson
45d3767d28
Prevent signed/unsigned warning on VC++
2008-06-03 10:17:45 +00:00
Ben Laurie
8671b89860
Memory saving patch.
2008-06-03 02:48:34 +00:00
Dr. Stephen Henson
bdfe932dca
Release engine reference when calling SSL_CTX_free().
2008-06-01 23:06:48 +00:00
Dr. Stephen Henson
3fc59c8406
Allow ENGINE client cert callback to specify a set of other certs, for
...
the rest of the certificate chain. Currently unused.
2008-06-01 22:45:08 +00:00
Dr. Stephen Henson
c61915c659
Update error codes.
2008-06-01 22:34:40 +00:00
Dr. Stephen Henson
368888bcb6
Add client cert engine to SSL routines.
2008-06-01 22:33:24 +00:00
Dr. Stephen Henson
eafd6e5110
Update error codes, move typedef of SSL, SSL_CTX to ossl_typ.h
2008-06-01 21:18:47 +00:00
Bodo Möller
e194fe8f47
From HEAD:
...
Fix flaw if 'Server Key exchange message' is omitted from a TLS
handshake which could lead to a cilent crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)
Reviewed by: openssl-security@openssl.org
Obtained from: mark@awe.com
2008-05-28 22:17:34 +00:00
Bodo Möller
40a706286f
From HEAD:
...
Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)
Reviewed by: openssl-security@openssl.org
Obtained from: jorton@redhat.com
2008-05-28 22:15:48 +00:00
Ben Laurie
3c1d6bbc92
LHASH revamp. make depend.
2008-05-26 11:24:29 +00:00
Lutz Jänicke
17a4a4dff8
Reword comment to be much shorter to stop other people from complaining
...
about "overcommenting".
2008-05-26 06:21:13 +00:00