wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Matt Caswell b8d2439562 Fix a hang with SSL_peek() 
If while calling SSL_peek() we read an empty record then we go into an
infinite loop, continually trying to read data from the empty record and
never making any progress. This could be exploited by a malicious peer in
a Denial Of Service attack.

CVE-2016-6305

GitHub Issue #1563

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-22 09:27:45 +01:00
..
record Fix a hang with SSL_peek() 2016-09-22 09:27:45 +01:00
statem Fix error message typo, wrong function code 2016-09-22 09:24:49 +01:00
bio_ssl.c Fix BIO_pop for SSL BIOs 2016-07-29 14:09:57 +01:00
build.info First pass at writing a writeable packets API 2016-09-13 09:41:21 +01:00
d1_lib.c Convert tls_construct_client_hello() to use PACKETW 2016-09-13 09:41:21 +01:00
d1_msg.c Whitespace cleanup in ssl folder 2016-06-29 09:56:39 -04:00
d1_srtp.c Convert tls_construct_client_hello() to use PACKETW 2016-09-13 09:41:21 +01:00
methods.c Indent ssl/ 2016-08-18 14:02:29 +02:00
packet.c Convert WPACKET_put_bytes to use convenience macros 2016-09-20 14:47:44 +01:00
packet_locl.h Convert WPACKET_put_bytes to use convenience macros 2016-09-20 14:47:44 +01:00
pqueue.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
s3_cbc.c Indent ssl/ 2016-08-18 14:02:29 +02:00
s3_enc.c Indent ssl/ 2016-08-18 14:02:29 +02:00
s3_lib.c Convert WPACKET_put_bytes to use convenience macros 2016-09-20 14:47:44 +01:00
s3_msg.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_asn1.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_cert.c Style tweaks following review feedback 2016-09-20 10:16:56 +01:00
ssl_ciph.c Remove trailing zeros 2016-08-26 15:18:07 -04:00
ssl_conf.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_err.c Don't allow too many consecutive warning alerts 2016-09-21 20:17:04 +01:00
ssl_init.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_lib.c Revert "Constify code about X509_VERIFY_PARAM" 2016-09-21 10:37:03 -04:00
ssl_locl.h Convert Certificate message construction to WPACKET 2016-09-20 10:16:56 +01:00
ssl_mcnf.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_rsa.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_sess.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_stat.c Add missing debug strings. 2016-09-07 16:08:38 -04:00
ssl_txt.c Indent ssl/ 2016-08-18 14:02:29 +02:00
ssl_utst.c Copyright consolidation 01/10 2016-05-17 14:19:19 -04:00
t1_enc.c Indent ssl/ 2016-08-18 14:02:29 +02:00
t1_ext.c Convert WPACKET_put_bytes to use convenience macros 2016-09-20 14:47:44 +01:00
t1_lib.c Fix a mem leak in NPN handling 2016-09-22 09:27:45 +01:00
t1_reneg.c Convert tls_construct_client_hello() to use PACKETW 2016-09-13 09:41:21 +01:00
t1_trce.c Ensure trace recognises X25519 2016-09-08 12:34:02 +01:00
tls_srp.c Indent ssl/ 2016-08-18 14:02:29 +02:00