wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Matt Caswell 72df35acf2 Tighten extension handling 
This adds additional checks to the processing of extensions in a ClientHello
to ensure that either no extensions are present, or if they are then they
take up the exact amount of space expected.

With thanks to the Open Crypto Audit Project for reporting this issue.

Reviewed-by: Stephen Henson <steve@openssl.org>

Conflicts:
	ssl/t1_lib.c
2015-06-10 10:32:05 +01:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
d1_both.c Check the message type requested is the type received in DTLS 2015-06-01 00:33:22 +01:00
d1_clnt.c Add more error state transitions (DTLS) 2015-05-05 20:09:14 +01:00
d1_enc.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
d1_lib.c Clear state in DTLSv1_listen 2015-06-02 09:12:39 +01:00
d1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
d1_pkt.c Lost alert in DTLS 2015-05-22 10:24:49 +01:00
d1_srtp.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
d1_srvr.c Don't allow a CCS when expecting a CertificateVerify 2015-05-13 11:25:10 +01:00
dtls1.h Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:32:49 +00:00
heartbeat_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:22 +00:00
kssl.c Re-align some comments after running the reformat script. 2015-01-22 09:39:01 +00:00
kssl.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
kssl_lcl.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
Makefile Fix the update target and remove duplicate file updates 2015-05-23 11:22:10 +02:00
s2_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s2_enc.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s2_lib.c Fix reachable assert in SSLv2 servers. 2015-03-19 12:59:31 +00:00
s2_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s2_pkt.c Add length sanity check in SSLv2 n_do_ssl_write() 2015-04-29 17:44:02 +01:00
s2_srvr.c Harden SSLv2-supporting servers against Bleichenbacher's attack. 2015-04-08 16:42:28 +02:00
s3_both.c Sanity check the return from final_finish_mac 2015-04-30 23:27:05 +01:00
s3_cbc.c Use CRYPTO_memcmp in s3_cbc.c 2015-06-08 15:05:08 +02:00
s3_clnt.c Remove misleading comment 2015-06-04 12:56:13 +01:00
s3_enc.c Cleanse buffers 2015-03-11 10:49:22 +00:00
s3_lib.c Rerun util/openssl-format-source -v -c . 2015-01-22 09:38:49 +00:00
s3_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s3_pkt.c Don't send an alert if we've just received one 2015-05-25 23:11:02 +01:00
s3_srvr.c Clean premaster_secret for GOST 2015-06-04 12:56:13 +01:00
s23_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s23_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s23_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s23_pkt.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
s23_srvr.c Re-align some comments after running the reformat script. 2015-01-22 09:39:01 +00:00
srtp.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl-lib.com Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces 2014-10-15 10:49:24 +02:00
ssl.h Fix race condition in NewSessionTicket 2015-06-02 12:44:40 +01:00
ssl2.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl3.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl23.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl_algs.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl_asn1.c Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:32:49 +00:00
ssl_cert.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl_ciph.c Remove export ciphers from the DEFAULT cipher list 2015-03-07 23:08:12 +01:00
ssl_err.c Fix race condition in NewSessionTicket 2015-06-02 12:44:40 +01:00
ssl_err2.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl_lib.c Check sk_SSL_CIPHER_new_null return value 2015-05-11 11:54:10 +01:00
ssl_locl.h Fix race condition in NewSessionTicket 2015-06-02 12:44:40 +01:00
ssl_rsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl_sess.c Fix Kerberos issue in ssl_session_dup 2015-06-10 10:02:16 +01:00
ssl_stat.c Add Error state 2015-05-05 20:07:48 +01:00
ssl_task.c Re-align some comments after running the reformat script. 2015-01-22 09:39:01 +00:00
ssl_txt.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssl_utst.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
ssltest.c Fix ssltest to use 1024-bit DHE parameters 2015-05-26 12:41:51 +02:00
t1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
t1_enc.c Sanity check EVP_CTRL_AEAD_TLS_AAD 2015-04-30 23:26:06 +01:00
t1_lib.c Tighten extension handling 2015-06-10 10:32:05 +01:00
t1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
t1_reneg.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
t1_srvr.c Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
tls1.h Run util/openssl-format-source -v -c . 2015-01-22 09:38:39 +00:00
tls_srp.c Code style: space after 'if' 2015-04-16 13:51:51 -04:00