openssl/ssl
Nick Mathewson 2016265dfb Do not include a timestamp in the Client/ServerHello Random field.
Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE
is set.

This is a forward-port of commits:
  4af793036f
  f4c93b46ed
  3da721dac9
  2583270191

While the gmt_unix_time record was added in an ostensible attempt to
mitigate the dangers of a bad RNG, its presence leaks the host's view
of the current time in the clear.  This minor leak can help
fingerprint TLS instances across networks and protocols... and what's
worse, it's doubtful that the gmt_unix_time record does any good at
all for its intended purpose, since:

    * It's quite possible to open two TLS connections in one second.

    * If the PRNG output is prone to repeat itself, ephemeral
      handshakes (and who knows what else besides) are broken.
2013-10-21 03:37:20 +01:00
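The leak the commit message describes can be made concrete. The following is an added example in Python, not OpenSSL code: it builds a 32-byte Hello Random both ways (the RFC 5246 layout with a leading big-endian gmt_unix_time, which OpenSSL sent before this commit, and 32 fully random bytes, which this commit makes the default), wraps it in a minimal ClientHello record, and then, from an observer's side, tests whether the first four bytes of the Random decode to a plausible timestamp near the capture time. The function names, the single cipher suite in the constructed hello and the one-week skew window are this example's own assumptions; the record and handshake layout follow RFC 5246.

```python
import os
import struct
import time

RANDOM_LEN = 32          # Random field size in ClientHello/ServerHello
GMT_UNIX_TIME_LEN = 4    # leading gmt_unix_time bytes in the RFC 5246 layout


def make_hello_random(gmt_unix_time=None, rng=os.urandom):
    """Build a Hello Random field.

    gmt_unix_time given: RFC 5246 layout (4-byte big-endian Unix time followed
    by 28 random bytes), i.e. what OpenSSL sent before this commit.
    gmt_unix_time=None: all 32 bytes from the RNG, the new default behaviour.
    rng is injectable so the layout can be checked with a fixed byte source.
    """
    if gmt_unix_time is None:
        return rng(RANDOM_LEN)
    prefix = struct.pack("!I", gmt_unix_time & 0xFFFFFFFF)
    return prefix + rng(RANDOM_LEN - GMT_UNIX_TIME_LEN)


def build_client_hello(random_bytes, hello_version=0x0303, record_version=0x0301):
    """Minimal TLS ClientHello record (constructed for this example):
    one cipher suite, empty session id, null compression, no extensions."""
    if len(random_bytes) != RANDOM_LEN:
        raise ValueError("Random must be 32 bytes")
    body = struct.pack("!H", hello_version) + random_bytes
    body += b"\x00"                                  # session_id: length 0
    body += struct.pack("!H", 2) + b"\xc0\x2f"       # cipher_suites: one entry
    body += b"\x01\x00"                              # compression_methods: null
    # Handshake header: msg_type 1 (client_hello) + 24-bit body length
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body
    # Record header: content type 22 (handshake), version, 16-bit length
    return b"\x16" + struct.pack("!H", record_version) + struct.pack("!H", len(handshake)) + handshake


def extract_hello_random(record):
    """Return the Random field from a ClientHello or ServerHello record.

    Raises ValueError for anything that is not a handshake record carrying
    one of the two Hello messages, or that is truncated before the Random.
    """
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] not in (1, 2):        # 1 = ClientHello, 2 = ServerHello
        raise ValueError("not a ClientHello/ServerHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) < 2 + RANDOM_LEN:
        raise ValueError("Hello body truncated before Random")
    return body[2:2 + RANDOM_LEN]                 # skip 2-byte protocol version


def looks_like_timestamp(random_bytes, capture_time, max_skew=7 * 24 * 3600):
    """Classify a Random: does its 4-byte prefix decode to a time near capture_time?

    Returns (is_timestamp, skew_seconds). A uniformly random prefix lands
    inside a +/- one-week window with probability 2*max_skew / 2**32, about
    0.03%, so a hit is strong evidence that the peer still sends gmt_unix_time
    and the skew is its clock offset relative to the observer.
    """
    value = struct.unpack("!I", random_bytes[:GMT_UNIX_TIME_LEN])[0]
    skew = value - int(capture_time)
    return abs(skew) <= max_skew, skew


def demo(now=None):
    """Observe one timestamped and one fully random ClientHello."""
    now = int(time.time()) if now is None else int(now)
    # Peer A: old-style Random from a host whose clock is 90 s behind the observer.
    hello_a = build_client_hello(make_hello_random(now - 90))
    # Peer B: fully random bytes, as sent after this commit.
    hello_b = build_client_hello(make_hello_random(None))
    results = {}
    for name, hello in (("timestamped", hello_a), ("random", hello_b)):
        rnd = extract_hello_random(hello)
        results[name] = looks_like_timestamp(rnd, now)
    return results


if __name__ == "__main__":
    for name, (is_ts, skew) in demo().items():
        print(f"{name:11s} timestamp={is_ts} skew={skew:+d}s")
```

The detector is one-sided: a miss only says the prefix is not near the observer's clock, so a peer whose clock is badly wrong still passes as random. It also applies unchanged to ServerHello, which is why the commit changes both sides.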
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes. 2012-04-16 17:42:36 +00:00
d1_both.c Enable TLS 1.2 ciphers in DTLS 1.2. 2013-03-28 14:14:27 +00:00
d1_clnt.c Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
d1_enc.c misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
d1_lib.c Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
d1_meth.c Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
d1_pkt.c DTLS version usage fixes. 2013-09-17 18:55:41 +01:00
d1_srtp.c Submitted by: Eric Rescorla <ekr@rtfm.com> 2012-02-11 22:53:31 +00:00
d1_srvr.c DTLS message_sequence number wrong in rehandshake ServerHello 2013-08-13 18:53:19 +01:00
dtls1.h Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
install-ssl.com Install srtp.h 2012-07-05 13:20:19 +00:00
kssl.c Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
kssl.h make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:50:18 +00:00
kssl_lcl.h Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
Makefile make depend. 2013-02-21 18:17:38 +00:00
s2_clnt.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
s2_enc.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
s2_lib.c Add ctrl and utility functions to retrieve raw cipher list sent by client in 2012-09-12 13:57:48 +00:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Add and use a constant-time memcmp. 2013-02-06 14:16:55 +00:00
s2_srvr.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
s3_both.c DTLS revision. 2013-03-18 14:36:43 +00:00
s3_cbc.c misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
s3_clnt.c Do not include a timestamp in the Client/ServerHello Random field. 2013-10-21 03:37:20 +01:00
s3_enc.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
s3_lib.c Tidy up comments. 2013-09-13 16:24:22 +01:00
s3_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s3_pkt.c ssl/s3_pkt.c: add initial multi-block encrypt. 2013-10-08 23:40:09 +02:00
s3_srvr.c Do not include a timestamp in the Client/ServerHello Random field. 2013-10-21 03:37:20 +01:00
s23_clnt.c Do not include a timestamp in the Client/ServerHello Random field. 2013-10-21 03:37:20 +01:00
s23_lib.c Fix warnings. 2010-06-12 14:13:23 +00:00
s23_meth.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Add three Suite B modes to TLS code, supporting RFC6460. 2012-08-15 15:15:05 +00:00
srtp.h move internal functions to ssl_locl.h 2011-11-21 22:52:13 +00:00
ssl-lib.com Add d1_srtp and t1_trce. 2012-07-05 13:20:02 +00:00
ssl.h Do not include a timestamp in the Client/ServerHello Random field. 2013-10-21 03:37:20 +01:00
ssl2.h Initial "opaque SSL" framework. If an application defines 2011-04-29 22:37:12 +00:00
ssl3.h Tidy up comments. 2013-09-13 16:24:22 +01:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
ssl_asn1.c Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
ssl_cert.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2013-09-06 13:59:13 +01:00
ssl_ciph.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
ssl_conf.c Extend SSL_CONF 2013-10-20 22:07:36 +01:00
ssl_err.c Show useful errors. 2013-09-25 12:45:48 +01:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c More cleanup. 2013-09-06 13:59:14 +01:00
ssl_locl.h Do not include a timestamp in the Client/ServerHello Random field. 2013-10-21 03:37:20 +01:00
ssl_rsa.c Show useful errors. 2013-09-25 12:45:48 +01:00
ssl_sess.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2013-09-06 13:59:13 +01:00
ssl_stat.c Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2013-09-06 13:59:13 +01:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
ssltest.c More cleanup. 2013-09-06 13:59:14 +01:00
t1_clnt.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_enc.c Experimental encrypt-then-mac support. 2013-09-08 13:14:03 +01:00
t1_lib.c Prevent use of RSA+MD5 in TLS 1.2 by default. 2013-10-20 22:07:35 +01:00
t1_meth.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:58:55 +00:00
t1_srvr.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_trce.c Provisional DTLS 1.2 support. 2013-03-26 15:16:41 +00:00
tls1.h Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) 2013-09-06 13:59:13 +01:00
tls_srp.c PR: 1794 2011-12-14 22:17:06 +00:00