openssl/ssl
Richard Levitte 7a04b854d6 [PR3597] Advance to the next state variant when reusing messages.
Previously, state variant was not advanced, which resulted in state
being stuck in the st1 variant (usually "_A").

This broke certificate callback retry logic when accepting connections
that were using SSLv2 ClientHello (hence reusing the message), because
their state never advanced to SSL3_ST_SR_CLNT_HELLO_C variant required
for the retry code path.

Reported by Yichun Zhang (agentzh).

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-11-28 20:47:41 +01:00
..
.cvsignore Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
bio_ssl.c OPENSSL_NO_SOCK fixes. 2012-04-16 17:42:36 +00:00
d1_both.c Fixed memory leak due to incorrect freeing of DTLS reassembly bit mask 2014-11-26 10:10:21 +00:00
d1_clnt.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 14:57:15 +01:00
d1_lib.c Fixed memory leak due to incorrect freeing of DTLS reassembly bit mask 2014-11-26 10:10:21 +00:00
d1_meth.c Dual DTLS version methods. 2013-04-09 14:02:48 +01:00
d1_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:39:47 +00:00
d1_srtp.c Fix for SRTP Memory Leak 2014-10-15 08:56:16 -04:00
d1_srvr.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 14:57:15 +01:00
dtls1.h Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 14:57:15 +01:00
heartbeat_test.c Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
install-ssl.com Install srtp.h 2012-07-05 13:20:19 +00:00
kssl.c RT2848: Remove extra NULL check 2014-08-19 12:43:58 -04:00
kssl.h Fix for WIN32 builds with KRB5 2014-02-26 15:33:11 +00:00
kssl_lcl.h Merge from 1.0.0-stable branch. 2009-04-23 16:32:42 +00:00
Makefile Delete unused file 2014-11-27 21:40:16 +00:00
s2_clnt.c RT2842: Remove spurious close-comment marker. 2014-09-08 10:50:08 -04:00
s2_enc.c Fix warning in ssl2_enc 2014-11-27 21:41:17 +00:00
s2_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:03:28 +02:00
s2_meth.c Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
s2_pkt.c Check EVP_Cipher return values for SSL2 2014-11-27 21:40:39 +00:00
s2_srvr.c Security framework. 2014-03-28 14:56:30 +00:00
s3_both.c [PR3597] Advance to the next state variant when reusing messages. 2014-11-28 20:47:41 +01:00
s3_cbc.c RT3066: rewrite RSA padding checks to be slightly more constant time. 2014-09-24 12:45:42 +02:00
s3_clnt.c Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 14:57:15 +01:00
s3_enc.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:39:47 +00:00
s3_lib.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:03:28 +02:00
s3_meth.c New option no-ssl3-method which removes SSLv3_*method 2014-11-19 18:11:37 +00:00
s3_pkt.c Add checks to the return value of EVP_Cipher to prevent silent encryption failure. 2014-11-27 21:39:47 +00:00
s3_srvr.c Do not resume a session if the negotiated protocol version does not match 2014-11-20 16:29:04 +01:00
s23_clnt.c Fix no-ssl3 configuration option 2014-10-15 08:56:16 -04:00
s23_lib.c Don't advertise ECC ciphersuits in SSLv2 compatible client hello. 2014-06-27 16:51:26 +01:00
s23_meth.c Initial incomplete TLS v1.2 support. New ciphersuites added, new version 2011-04-29 22:56:51 +00:00
s23_pkt.c Reorder inclusion of header files: 2002-07-10 07:01:54 +00:00
s23_srvr.c Keep old method in case of an unsupported protocol 2014-10-21 20:45:15 +02:00
srtp.h Add include of ssl.h which is required by srtp.h 2014-11-27 13:16:36 +00:00
ssl-lib.com Add d1_srtp and t1_trce. 2012-07-05 13:20:02 +00:00
ssl.h Corrected comments in ssl.h about SSLv23_method and friends 2014-11-25 22:23:24 +00:00
ssl2.h Initial "opaque SSL" framework. If an application defines 2011-04-29 22:37:12 +00:00
ssl3.h Ensure SSL3_FLAGS_CCS_OK (or d1->change_cipher_spec_ok for DTLS) is reset 2014-11-20 14:57:15 +01:00
ssl23.h Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
ssl_algs.c Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
ssl_asn1.c fix coverity issue 966597 - error line is not always initialised 2014-05-07 23:54:25 +01:00
ssl_cert.c Remove redundant checks in ssl_cert_dup. This was causing spurious error messages when using GOST 2014-11-27 20:50:44 +00:00
ssl_ciph.c RT1815: More const'ness improvements 2014-08-18 11:49:16 -04:00
ssl_conf.c Add -no_resumption_on_reneg to SSL_CONF. 2014-03-27 16:12:40 +00:00
ssl_err.c Remove more references to dtls1_enc 2014-11-27 21:40:59 +00:00
ssl_err2.c Use new-style system-id macros everywhere possible. I hope I haven't 2001-02-20 08:13:47 +00:00
ssl_lib.c Copy negotiated parameters in SSL_set_SSL_CTX. 2014-10-24 13:46:37 +01:00
ssl_locl.h Remove more references to dtls1_enc 2014-11-27 21:40:59 +00:00
ssl_rsa.c Rename some callbacks, fix alignment. 2014-08-28 17:06:53 +01:00
ssl_sess.c Tighten session ticket handling 2014-10-28 17:35:59 +01:00
ssl_stat.c Remove all RFC5878 code. 2014-07-04 13:26:35 +01:00
ssl_task.c Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
ssl_txt.c Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352 2014-05-24 00:02:24 +01:00
ssl_utst.c Add conditional unit testing interface. 2014-07-24 19:41:29 +01:00
ssltest.c New option no-ssl3-method which removes SSLv3_*method 2014-11-19 18:11:37 +00:00
t1_clnt.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_enc.c Support TLS_FALLBACK_SCSV. 2014-10-15 04:03:28 +02:00
t1_ext.c Rename some callbacks, fix alignment. 2014-08-28 17:06:53 +01:00
t1_lib.c Fix SuiteB chain checking logic. 2014-11-20 22:13:05 +00:00
t1_meth.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_reneg.c Update RI to match latest spec. 2009-12-27 22:58:55 +00:00
t1_srvr.c Use appropriate versions of SSL3_ENC_METHOD 2013-03-18 14:53:59 +00:00
t1_trce.c Adding padding extension to trace code. 2014-05-20 11:09:04 +01:00
tls1.h Support TLS_FALLBACK_SCSV. 2014-10-15 04:03:28 +02:00
tls_srp.c Check SRP parameters early. 2014-08-06 20:36:41 +01:00