wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Matt Caswell 5e47008b61 Verify that we have a sensible message len and fail if not 
RT#3592 provides an instance where the OPENSSL_assert that this commit
replaces can be hit. I was able to recreate this issue by forcing the
underlying BIO to misbehave and come back with very small mtu values. This
happens the second time around the while loop after we have detected that the
MTU has been exceeded following the call to dtls1_write_bytes.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit cf75017bfd)
2014-12-03 09:30:21 +00:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes [from HEAD]. 2012-04-16 17:43:02 +00:00
d1_both.c Verify that we have a sensible message len and fail if not 2014-12-03 09:30:21 +00:00
d1_clnt.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:17:36 +01:00
d1_lib.c Fixed memory leak due to incorrect freeing of DTLS reassembly bit mask 2014-11-26 10:11:25 +00:00
d1_meth.c Dual DTLS version methods. 2013-09-18 13:46:02 +01:00
d1_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:44:03 +00:00
d1_srtp.c Fix for SRTP Memory Leak 2014-10-15 08:54:26 -04:00
d1_srvr.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:17:36 +01:00
dtls1.h Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:17:36 +01:00
heartbeat_test.c Add conditional unit testing interface. 2014-07-24 19:42:26 +01:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:26 +00:00
kssl.c make kerberos work with OPENSSL_NO_SSL_INTERN 2011-05-11 22:52:34 +00:00
kssl.h Fix for WIN32 builds with KRB5 2014-02-26 15:33:10 +00:00
kssl_lcl.h Some fixes for kerberos builds. 2009-04-21 22:20:12 +00:00
Makefile Delete unused file 2014-11-27 21:46:00 +00:00
s2_clnt.c RT2842: Remove spurious close-comment marker. 2014-09-08 10:50:33 -04:00
s2_enc.c Fix warning in ssl2_enc 2014-11-27 21:46:04 +00:00
s2_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:04:55 +02:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Check EVP_Cipher return values for SSL2 2014-11-27 21:46:04 +00:00
s2_srvr.c Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
s3_both.c [PR3597] Advance to the next state variant when reusing messages. 2014-11-28 23:31:28 +01:00
s3_cbc.c RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 12:47:19 +02:00
s3_clnt.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:17:36 +01:00
s3_enc.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:44:03 +00:00
s3_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:04:55 +02:00
s3_meth.c New option no-ssl3-method which removes SSLv3_*method 2014-11-19 22:54:30 +00:00
s3_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:44:03 +00:00
s3_srvr.c Do not resume a session if the negotiated protocol version does not match 2014-11-20 16:31:35 +01:00
s23_clnt.c Fix no-ssl3 configuration option 2014-10-15 08:54:26 -04:00
s23_lib.c Don't advertise ECC ciphersuits in SSLv2 compatible client hello. 2014-06-27 16:52:00 +01:00
s23_meth.c Backport TLS v1.2 support from HEAD. 2011-05-11 13:37:52 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Keep old method in case of an unsupported protocol 2014-10-21 21:04:09 +02:00
srtp.h Add include of ssl.h which is required by srtp.h 2014-11-27 13:17:56 +00:00
ssl-lib.com Add t1_ext and ssl_utst to the VMS build as well. 2014-08-31 18:22:02 +02:00
ssl.h Corrected comments in ssl.h about SSLv23_method and friends 2014-11-25 22:24:34 +00:00
ssl2.h Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN 2011-05-11 12:56:38 +00:00
ssl3.h Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 15:17:36 +01:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Add AES-NI+SHA256 stitch registrations (from master). 2014-02-02 00:05:02 +01:00
ssl_asn1.c fix coverity issue 966597 - error line is not always initialised 2014-05-07 23:57:00 +01:00
ssl_cert.c Remove redundant checks in ssl_cert_dup. This was causing spurious error messages when using GOST 2014-11-27 20:51:59 +00:00
ssl_ciph.c Allow ECDHE and DHE as forward-compatible aliases for EECDH and EDH 2014-11-10 10:58:49 +01:00
ssl_conf.c Add -no_resumption_on_reneg to SSL_CONF. 2014-03-27 15:51:25 +00:00
ssl_err.c Remove more references to dtls1_enc 2014-11-27 21:46:04 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c Copy negotiated parameters in SSL_set_SSL_CTX. 2014-10-24 14:01:01 +01:00
ssl_locl.h Remove more references to dtls1_enc 2014-11-27 21:46:04 +00:00
ssl_rsa.c Rename some callbacks, fix alignment. 2014-08-28 18:10:21 +01:00
ssl_sess.c Tighten session ticket handling 2014-10-28 17:38:23 +01:00
ssl_stat.c Remove all RFC5878 code. 2014-07-04 13:42:05 +01:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Provisional DTLS 1.2 support. 2013-09-18 13:46:02 +01:00
ssl_utst.c Add conditional unit testing interface. 2014-07-24 19:42:26 +01:00
ssltest.c New option no-ssl3-method which removes SSLv3_*method 2014-11-19 22:54:30 +00:00
t1_clnt.c Use appropriate versions of SSL3_ENC_METHOD 2013-09-18 13:46:02 +01:00
t1_enc.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:04:55 +02:00
t1_ext.c Rename some callbacks, fix alignment. 2014-08-28 18:10:21 +01:00
t1_lib.c Fix SuiteB chain checking logic. 2014-11-20 22:14:29 +00:00
t1_meth.c Use appropriate versions of SSL3_ENC_METHOD 2013-09-18 13:46:02 +01:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:59:09 +00:00
t1_srvr.c Use appropriate versions of SSL3_ENC_METHOD 2013-09-18 13:46:02 +01:00
t1_trce.c Adding padding extension to trace code. 2014-05-20 11:22:15 +01:00
tls1.h Allow ECDHE and DHE as forward-compatible aliases for EECDH and EDH 2014-11-10 10:58:49 +01:00
tls_srp.c Check SRP parameters early. 2014-08-06 20:41:53 +01:00