wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Emilia Kasper 8f0f9ffda3 Repair EAP-FAST session resumption 
EAP-FAST session resumption relies on handshake message lookahead
to determine server intentions. Commits
980bc1ec61
and
7b3ba508af
removed the lookahead so broke session resumption.

This change partially reverts the commits and brings the lookahead back
in reduced capacity for TLS + EAP-FAST only. Since EAP-FAST does not
support regular session tickets, the lookahead now only checks for a
Finished message.

Regular handshakes are unaffected by this change.

Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 6e3d015363)
2015-04-21 19:31:09 +02:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_both.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
d1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_lib.c Fix Seg fault in DTLSv1_listen 2015-03-19 11:11:22 +00:00
d1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_pkt.c Harmonize return values in dtls1_buffer_record 2015-03-10 13:52:32 -07:00
d1_srtp.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_srvr.c Don't send a for ServerKeyExchange for kDHr and kDHd 2015-03-24 22:42:30 +01:00
dtls1.h Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
heartbeat_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:26 +00:00
kssl.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
kssl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
kssl_lcl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
Makefile make update 2015-04-21 17:50:36 +02:00
s2_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_enc.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_lib.c Fix reachable assert in SSLv2 servers. 2015-03-19 12:58:35 +00:00
s2_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_pkt.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
s2_srvr.c Harden SSLv2-supporting servers against Bleichenbacher's attack. 2015-04-08 16:28:42 +02:00
s3_both.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_cbc.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
s3_clnt.c Repair EAP-FAST session resumption 2015-04-21 19:31:09 +02:00
s3_enc.c Cleanse buffers 2015-03-11 10:45:23 +00:00
s3_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_pkt.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
s3_srvr.c Error out immediately on empty ciphers list. 2015-04-17 18:44:35 +02:00
s23_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_pkt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_srvr.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
srtp.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl-lib.com VMS fixups for 1.0.2 2015-01-07 02:15:35 +01:00
ssl.h Repair EAP-FAST session resumption 2015-04-21 19:31:09 +02:00
ssl2.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl3.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl23.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_algs.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_asn1.c Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
ssl_cert.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_ciph.c Remove export ciphers from the DEFAULT cipher list 2015-03-07 23:02:19 +01:00
ssl_conf.c Add support for ServerInfo SSL_CONF option. 2015-03-18 12:31:06 +00:00
ssl_err.c Repair EAP-FAST session resumption 2015-04-21 19:31:09 +02:00
ssl_err2.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_lib.c Add DTLS to SSL_get_version 2015-03-20 12:06:12 +00:00
ssl_locl.h fix warning 2015-03-08 17:31:48 +00:00
ssl_rsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_sess.c Fix ssl_get_prev_session overrun 2015-04-14 14:59:40 +01:00
ssl_stat.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_task.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
ssl_txt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_utst.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssltest.c Add DTLS support to ssltest 2015-03-20 12:09:22 +00:00
t1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_enc.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
t1_ext.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_lib.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00
t1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_reneg.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_srvr.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_trce.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls1.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls_srp.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00