wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Matt Caswell d272599277 Tighten extension handling 
This adds additional checks to the processing of extensions in a ClientHello
to ensure that either no extensions are present, or if they are then they
take up the exact amount of space expected.

With thanks to the Open Crypto Audit Project for reporting this issue.

Reviewed-by: Stephen Henson <steve@openssl.org>

Conflicts:
	ssl/t1_lib.c
2015-06-10 10:24:49 +01:00
..
.cvsignore
bio_ssl.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_both.c Check the message type requested is the type received in DTLS 2015-06-01 00:30:56 +01:00
d1_clnt.c Add more error state transitions (DTLS) 2015-05-05 20:05:21 +01:00
d1_lib.c Fix Seg fault in DTLSv1_listen 2015-03-19 11:11:22 +00:00
d1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_pkt.c Lost alert in DTLS 2015-05-22 09:44:44 +01:00
d1_srtp.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
d1_srvr.c Don't allow a CCS when expecting a CertificateVerify 2015-05-13 11:21:01 +01:00
dtls1.h Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
heartbeat_test.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
install-ssl.com Don't forget to install srtp.h as well 2012-05-10 15:01:26 +00:00
kssl.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
kssl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
kssl_lcl.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
Makefile Fix the update target and remove duplicate file updates 2015-05-23 06:25:12 +02:00
s2_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_enc.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_lib.c Fix reachable assert in SSLv2 servers. 2015-03-19 12:58:35 +00:00
s2_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s2_pkt.c Add length sanity check in SSLv2 n_do_ssl_write() 2015-04-29 17:23:45 +01:00
s2_srvr.c Harden SSLv2-supporting servers against Bleichenbacher's attack. 2015-04-08 16:28:42 +02:00
s3_both.c Sanity check the return from final_finish_mac 2015-04-30 23:21:53 +01:00
s3_cbc.c Use CRYPTO_memcmp in s3_cbc.c 2015-06-08 15:04:28 +02:00
s3_clnt.c Remove misleading comment 2015-06-04 12:53:45 +01:00
s3_enc.c Cleanse buffers 2015-03-11 10:45:23 +00:00
s3_lib.c Remove export static DH ciphersuites 2015-05-23 00:01:45 +01:00
s3_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s3_pkt.c Don't send an alert if we've just received one 2015-05-25 17:52:27 +01:00
s3_srvr.c Clean premaster_secret for GOST 2015-06-04 12:53:43 +01:00
s23_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_lib.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_pkt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
s23_srvr.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
srtp.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl-lib.com VMS fixups for 1.0.2 2015-01-07 02:15:35 +01:00
ssl.h Fix race condition in NewSessionTicket 2015-06-02 09:30:31 +01:00
ssl2.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl3.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl23.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_algs.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_asn1.c Fix d2i_SSL_SESSION for DTLS1_BAD_VER 2015-02-27 20:31:28 +00:00
ssl_cert.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_ciph.c Remove export ciphers from the DEFAULT cipher list 2015-03-07 23:02:19 +01:00
ssl_conf.c Add support for ServerInfo SSL_CONF option. 2015-03-18 12:31:06 +00:00
ssl_err.c Fix race condition in NewSessionTicket 2015-06-02 09:30:31 +01:00
ssl_err2.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_lib.c Fix typo setting up certificate masks 2015-05-23 00:01:48 +01:00
ssl_locl.h Fix race condition in NewSessionTicket 2015-06-02 09:30:31 +01:00
ssl_rsa.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_sess.c Fix Kerberos issue in ssl_session_dup 2015-06-10 09:37:01 +01:00
ssl_stat.c Add Error state 2015-05-05 19:50:12 +01:00
ssl_task.c Re-align some comments after running the reformat script. 2015-01-22 09:31:48 +00:00
ssl_txt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssl_utst.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
ssltest.c Fix ssltest to use 1024-bit DHE parameters 2015-05-26 12:42:40 +02:00
t1_clnt.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_enc.c Sanity check EVP_CTRL_AEAD_TLS_AAD 2015-04-30 23:21:50 +01:00
t1_ext.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_lib.c Tighten extension handling 2015-06-10 10:24:49 +01:00
t1_meth.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_reneg.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_srvr.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
t1_trce.c Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls1.h Run util/openssl-format-source -v -c . 2015-01-22 09:31:38 +00:00
tls_srp.c Code style: space after 'if' 2015-04-16 13:50:01 -04:00